topic Re: Security Vulnerabilities in Purview devices in ExtremeCloud IQ- Site Engine Management Center

Security Vulnerabilities in Purview devices

jtorresm — Wed, 27 May 2020 19:05:28 GMT

we received some vulnerabilites from security´s team, these are:

SNMP Agent is configured with “public” community

DDOS in SNMP “GETBULK”

For both these ones we deleted all about public community in SNMP

Server SSH CBC Cipher Mode Enabled

this is in PV Sensor but i dont now how to disable that mode.

SSL Certificate with HASH algorithm is weak

I tried to generate a certificate from SO with this commmand :

openssl genrsa -out CA.key 8192

application web is vulnerable to clickjacking

the recomendation is to have the most actual SO im in Ubuntu 16.04 in 8.3 Netsight and Pureview Console, so we are planning to upgrade to 8.4

Authentication signature not enabled on SMB

this is associated with Windows OS i dont know if applies in extreme application with linux.

can you help me with this o bring me some information to resolve it

testpartner — Thu, 28 May 2020 16:28:51 GMT

Hi,

On the SNMP topic.

If you are sure you do not need SNMPv1/2c then disable it and use SNMPv3 instead!

The Extreme Management Center and Engines do support SNMPv3 = configure it

Extreme switches support SNMPv3 also, configure SNMP properly to disable SNMPv1 and SNMPv2.

testpartner — Thu, 28 May 2020 16:30:51 GMT

If you run XMC as VM then you can upgrade to XMC 8.4. It will upgrade to Ubuntu 18.04

If you installed XMC on your own OS then you need to upgrade your OS by your own.