4 Replies Latest reply on May 18, 2018 2:55 AM by sayalirevalkar

    Solarwinds vulnerabilities on port 5671

    terryhallal

      I have vulnerabilities that are showing up on Solarwinds using port 5671. I've been trying to search the web for resolutions, but have not been able to make much progress. List of vulnerabilities are CVE-2016-2183, CVE-2016-6329, SSL Certificate Cannot Be Trusted, SSL Certificate Chain Contains RSA Keys Less Than 2048 bits, SSL Certificate with Wrong Hostname, SSL Medium Strength Cipher Suites Supported, SSL Self-Signed Certificate, SSL Weak Cipher Suites Supported and CVE-2015-4000. The only link that I've found is for the first 2 CVEs, but following the steps did not mitigate the vulnerabilities.

      https://support.solarwinds.com/Success_Center/Network_Performance_Monitor_(NPM)/Sweet32_and_SolarWinds_Orion_products_-_CVE-2016-2183_and_CVE-2016-6329

       

      I'm using NPM 12.1 and SAM 6.4. I've put in a support request to SW, but I figured I'd see if the Thwack community had any additional information to offer. Thanks!