Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Security Vulnerabilities on CPUCMS

Hi All

Could someone assist me please?

We running a demo version of CPUCMS at a customer and the System administrator has advised that there are

security vulnerabilities on the server that runs CPUCMS and he would like to do the following:

1) Locate file C:\PROGRA~1\CSCOpx\MDC\Apache\conf\httpd.conf

Remove      -    SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:!LOW:RC4+RSA:+HIGH:+MEDIUM:!SSLv2:!EXP:!eNULL

Add below:-

SSLHonorCipherOrder On

      SSLCipherSuite RC4-SHA:HIGH:!ADH

2.)    Disable remote service rexec  , rlogin and rsh

Please advise if anyone has done this and also the impact it might cause on the application?

Many thanks

Shabeer

Everyone's tags (2)
208
Views
0
Helpful
0
Replies