TPAM Vulnerability

We have scan our TPAM appliance and found this vulnerability  please suggest how to fix this vulnerability 

Vulnerability :-

  • Unsecure Encryption Protocols Detected.
  • Deprecated SSH Cryptographic Settings.

 

Solution :-

  • Disable insecure protocols and use TLS V1.2 or above with secured cipher suites.
  • Update SSH Cryptographic Settings.
Parents
  • Hi Joshan

    TPAM code 2.5.923 is using OpenSSH 7.4p1 while with your present release you may still be running OpenSSH 7.2.

    I would update your appliance to the latest code release first and then re-scan.

    You can only patch a TPAM appliance vir a PARPAck provided by One Identity. There is no other way to add/update any software on the TPAM appliance.

    If your scan still shows an issue after patching you will need to contact One Identity Support and log a case with them for resolution.

    Also if you are using DPA V3 you will need to upgrade these to V4 release to use the newer SSH ciphers.

    You cannot upgrade hardware based V3 DPA's to V4.

    Virtual DPA's can be downloaded and deployed to match the number of physical DPA's you have.

    If you require physical DPA's then you need to contact your One Identity account manager as these are not a FoC upgrade.

    Best regards

    Tim

Reply
  • Hi Joshan

    TPAM code 2.5.923 is using OpenSSH 7.4p1 while with your present release you may still be running OpenSSH 7.2.

    I would update your appliance to the latest code release first and then re-scan.

    You can only patch a TPAM appliance vir a PARPAck provided by One Identity. There is no other way to add/update any software on the TPAM appliance.

    If your scan still shows an issue after patching you will need to contact One Identity Support and log a case with them for resolution.

    Also if you are using DPA V3 you will need to upgrade these to V4 release to use the newer SSH ciphers.

    You cannot upgrade hardware based V3 DPA's to V4.

    Virtual DPA's can be downloaded and deployed to match the number of physical DPA's you have.

    If you require physical DPA's then you need to contact your One Identity account manager as these are not a FoC upgrade.

    Best regards

    Tim

Children
No Data