H610SのNmapスキャンで、キー強度が不十分なDiffie-Hellmanグループに固有の脆弱性が報告される

最後の更新
PDFとして保存

Views:: 29

Visibility:: Public

Votes:: 0

Category:: solidfire-chassis

Specialty:: solidfire

Last Updated:

環境

H610S
H610C
トリトン"
SolidFire
Nmap

問題

H610SのBMCのNMAPスキャン出力でキー強度が不十分であると報告されています。

nmap --script ssl-dh-params X.X.X.X Starting Nmap 7.92 ( https://nmap.org ) at 2023-05-17 12:39 MDT Nmap scan report for X.X.X.X Host is up (0.022s latency). Not shown: 995 closed tcp ports (conn-refused) PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 443/tcp open https | ssl-dh-params: | VULNERABLE: | Diffie-Hellman Key Exchange Insufficient Group Strength | State: VULNERABLE | Transport Layer Security (TLS) services that use Diffie-Hellman groups | of insufficient strength, especially those using one of a few commonly | shared groups, may be susceptible to passive eavesdropping attacks. | Check results: | WEAK DH GROUP 1 | Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | Modulus Type: Non-safe prime | Modulus Source: RFC5114/1024-bit DSA group with 160-bit prime order subgroup | Modulus Length: 1024 | Generator Length: 1024 | Public Key Length: 1024 | References: |_ https://weakdh.org 5120/tcp open barracuda-bbs 49153/tcp open unknown Nmap done: 1 IP address (1 host up) scanned in 15.58 seconds