search

zhmcclient / zhmc-prometheus-exporter

A Prometheus exporter for the IBM Z HMC
Apache License 2.0
11 stars 8 forks source link

Potentially vulnerability using TLS CBC ciphers #509

Open Charles1000Chen opened 2 months ago

Charles1000Chen commented 2 months ago

Describe the bug

Potentially vulnerability using TLS CBC ciphers

Expected behavior

The test item "LUCKY13" shoud be "OK" in testssh.sh test result.

To Reproduce Test with testssl.sh, it will report the issue in its test result.

Environment information

Command output

{
    "id"           : "LUCKY13",
    "severity"     : "LOW",
    "cve"          : "CVE-2013-0169",
    "cwe"          : "CWE-310",
    "finding"      : "potentially vulnerable, uses TLS CBC ciphers"
}

Log file <-- If possible, attach a log file generated with '--log-comp all=debug --log exporter.log'. -->

andy-maier commented 1 month ago

See #508 , should be solved together.