05-27-2020 12:05 PM
Hi
We received some vulnerabilities from the security team. These are:
SNMP Agent is configured with “public” community
DDOS in SNMP “GETBULK”
For both of these, we deleted everything about the public community in SNMP.
Server SSH CBC Cipher Mode Enabled
This is in PV Sensor, but I don't know how to disable that mode.
SSL Certificate with HASH algorithm is weak
I tried to generate a certificate from the OS with this command:
openssl genrsa -out CA.key 8192
Web application is vulnerable to clickjacking
The recommendation is to have the most current OS. I'm on Ubuntu 16.04 in 8.3 Netsight and Pureview Console, so we are planning to upgrade to 8.4.
Authentication signature not enabled on SMB
This is associated with Windows OS; I don't know if it applies to the Extreme application with Linux.
Can you help me with this or give me some information to resolve it?
05-28-2020 09:30 AM
If you run XMC as a VM then you can upgrade to XMC 8.4. It will upgrade to Ubuntu 18.04.
If you installed XMC on your own OS then you need to upgrade your OS on your own.
05-28-2020 09:28 AM
Hi,
On the SNMP topic.
If you are sure you do not need SNMPv1/2c then disable it and use SNMPv3 instead!
The Extreme Management Center and Engines do support SNMPv3 = configure it
Extreme switches also support SNMPv3; configure SNMP properly to disable SNMPv1 and SNMPv2.
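
A check for the SNMP advice in the reply above, as an added example that is not from the thread or from Extreme Networks: a Python audit that flags leftover SNMPv1/v2c community access and confirms that an authenticating SNMPv3 user is configured. It assumes the host agent is net-snmp with an snmpd.conf; the sample config and the name audit_snmpd_conf are constructed for illustration.

```python
# net-snmp directives that grant SNMPv1/v2c (community string) access
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6",
                        "rwcommunity6", "com2sec", "com2sec6"}
V3_USER_DIRECTIVES = {"rouser", "rwuser"}
DEFAULT_COMMUNITIES = {"public", "private"}

# Constructed sample config (assumption: net-snmp snmpd.conf syntax)
SAMPLE = """\
# constructed example, not from a real system
rocommunity public default
rwcommunity netadmin 10.0.0.0/24
com2sec notConfigUser default public
group notConfigGroup v2c notConfigUser
group v3group usm monitor
createUser monitor SHA "example-auth-pass" AES "example-priv-pass"
rouser monitor priv
"""


def audit_snmpd_conf(text):
    """Return (findings, v3_ok). findings lists leftover v1/v2c access as
    (line number, directive, note); v3_ok is True when an SNMPv3 user that
    must at least authenticate is configured."""
    findings, v3_ok = [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()  # drop comments
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY_DIRECTIVES and args:
            # community is the last argument of com2sec, the first otherwise
            name = args[-1] if directive.startswith("com2sec") else args[0]
            note = "SNMPv1/v2c community access"
            if name.lower() in DEFAULT_COMMUNITIES:
                note += ", default community string"
            if directive.startswith("rwcommunity"):
                note += ", write access"
            findings.append((lineno, directive, note))
        elif directive == "group" and len(args) >= 2 and args[1] in ("v1", "v2c"):
            findings.append((lineno, directive, "VACM group bound to " + args[1]))
        elif directive in V3_USER_DIRECTIVES and args:
            if "noauth" in args:
                findings.append((lineno, directive, "SNMPv3 user without authentication"))
            else:
                v3_ok = True
    return findings, v3_ok


if __name__ == "__main__":
    for finding in audit_snmpd_conf(SAMPLE)[0]:
        print("line %d: %s: %s" % finding)
```

An empty findings list together with v3_ok set to True is the state the reply recommends: no community-based access left and SNMPv3 in use.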