Knowledge Document: Getting Bouncy Castle Vulnerability reported against Mobility Server

0 Likes

Environment

Groupwise-Mobility 18.4.2 
Groupwise 18.4.2

Situation

Some routine testing via Qualys has reported a vulnerability when scanning the Mobility server. The scan turns up RSA ciphers and the Bouncy Castle/Bleichenbacher vulnerability.

A scan from ssllabs.com also shows these vulnerabilities:
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK 256
TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1) WEAK 256
TLS_RSA_WITH_AES_256_CCM (0xc09d) WEAK 256
TLS_RSA_WITH_ARIA_256_GCM_SHA384 (0xc051) WEAK 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK 128
TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0) WEAK 128
TLS_RSA_WITH_AES_128_CCM (0xc09c) WEAK 128
TLS_RSA_WITH_ARIA_128_GCM_SHA256 (0xc050) WEAK
 

Resolution

If you encounter this problem, you must upgrade to the most recent release because security changes are made in each release. For this issue, upgrading to Groupwise-Mobility 18.5.0 resolved the issue.

Access article on support portal

 

Labels:

Support Tips/Knowledge Docs
Comment List
Related
Recommended