cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
686
Views
10
Helpful
7
Replies

LMS 3.1 - SSL 3.0

georgeef1
Level 1
Level 1

Hi,

Can SSL 3.0 be used with LMS 2.0.

Our local vulnerability scanner has identified a vulnerability with use

of SSL 2.0 presently used in our ciscoworks application server.

Can use of SSL 3.0 be

used and if so, when/how is this available to remediate this vulnerability? Our plaform

is Solaris 2.10

1 Accepted Solution

Accepted Solutions

This is not possible. SSLv2 must remained enabled on the server for compatibility purposes. The next generation of LMS will disable this legacy encryption protocol.

View solution in original post

7 Replies 7

Joe Clarke
Cisco Employee
Cisco Employee

SSL 3.0 and TLS 1.0 is enabled by default with LMS. Due to the need to support legacy components, we also offer SSLv2.

Hi jclarke,

Thanks for this instant support !

Please tell where I can find if which version of SSL is used and how we can alter the version according to our necessity.

-Thanks

All modern browsers will use either SSLv3 or TLSv1 by default. You can usually set this up in your browsers advanced or security preferences. For example, in Firefox, go to Advanced > Encryption. You'll see only SSLv3 and TLSv1 are available.

Hi jclarke,

Appreciate the information - however one of the things that this relates to is preventing it from being used on the server - rather than just limiting it to the client to choose one or the other. Can we look at hoew to just limit it to SSL 3.0?

This is not possible. SSLv2 must remained enabled on the server for compatibility purposes. The next generation of LMS will disable this legacy encryption protocol.

Hi Jclarke,

Thanks for your time and responses.

Your answer gives it all, but as it is required by us as per the security perspective, can we disable LMS server to respond to SSL 2.0. If not can a PER be filed for it.

Thanks.

No, this is not supported. Like I said, removing SSLv2 is already planned for a future release.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco