02-11-2020 03:11 PM
On our quarterly internal vulnerability scans this keeps coming up on our EXOS switches. Example I’m looking at an X450G2 stack right now. It shows port 443 SSL v 3 is enabled. How can I disable SSL 3 and enforce TLS 1.2 only?
Thanks!
Oh switch stack in question is running 22.5.1.7
02-09-2021 07:38 PM
Hello Pawnfodder,
you can't change the TLS version but you can select available ciphers since version 22.4 with "configure ssh2 enable cipher mac"
02-09-2021 06:43 PM
Just adding in here as I can’t seem to find the answer anywhere?
I have switches on current firmware, but am wondering how to disable SSLv3 for the web management page. Certainly running a newer firmware doesn’t disable SSLv3 from being used on 443.
Is the recommendation to just disable https altogether? Abandon ship vs a quick fix?