Guest

Preview Tool

Cisco Bug: CSCvv47593 - BEMS Case: Mygdonus allowing more cipher suites than base platform during TLS negotiation

Last Modified

Oct 05, 2020

Products (1)

  • Cisco Webex Teams

Known Affected Releases

unspecified

Description (partial)

Symptom:
A network scanner could report - "TLS/SSL Server Supports The Use of Static Key Ciphers (ssl-static-key-ciphers)" vulnerability on port 33432 used by mygdonus on TLSv1.2

Conditions:
The scanner could report that the following insecure cipher suites were accepted on port 33432:
 
TLS 1.1 ciphers:
TLS_RSA_WITH_AES_128_CBC_SHA

TLS 1.2 ciphers:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.