Hello Dears,
ILMT version:
|
BigFix 10.0.1.41
|
|
ILMT 9.2.21.0
|
|
Windows 2016
|
|
SQL 2017
|
i have the below Vulnerabilities , upgrading the ILMT version to the latest will fix it ?
i think Disabling TLS 1.0 and 1.1 is configuration issue won't be solved by the upgrade. The needed is to enable TLS 1.2
| Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server Supports Transport Layer Security (TLSv1.1) |
over ssl |
8083 |
Serious |
| Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server supports Transport Layer Security (TLSv1.0) |
over ssl |
8083 |
Serious |
| IBM BigFix Information Disclosure Vulnerability (ibm10870242) |
|
52311 |
Serious |
| SSL Certificate - Signature Verification Failed Vulnerability |
over ssl |
52315 |
Medium |
| SSL Certificate - Signature Verification Failed Vulnerability |
over ssl |
9081 |
Medium |
| SSL Certificate - Signature Verification Failed Vulnerability |
over ssl |
8083 |
Medium |
| SSL Certificate - Signature Verification Failed Vulnerability |
over ssl |
1433 |
Medium |
| SSL Certificate - Signature Verification Failed Vulnerability |
over ssl |
443 |
Medium |
| SSL Certificate - Subject Common Name Does Not Match Server FQDN |
over ssl |
9081 |
Medium |
| SSL Certificate - Subject Common Name Does Not Match Server FQDN |
over ssl |
443 |
Medium |
| SSL Certificate - Self-Signed Certificate |
over ssl |
9081 |
Medium |
| SSL Certificate - Self-Signed Certificate |
over ssl |
8083 |
Medium |
| SSL Certificate - Self-Signed Certificate |
over ssl |
1433 |
Medium |
| Potential TCP Backdoor |
|
|
Critical |
| Host is Vulnerable to Extended Master Secret TLS Extension (TLS triple handshake) |
over ssl |
8083 |
Serious |
|
|
|
|
|
|
|
|
------------------------------
Mohammad Tulaib
------------------------------