IBM TechXchange Group

 View Only
  • 1.  ILMT Vulnerabilities

    IBM Champion
    Posted Wed June 07, 2023 11:15 AM

    Hello Dears, 

    ILMT version:

    BigFix 10.0.1.41

    ILMT 9.2.21.0

    Windows 2016

    SQL 2017



    i have the below Vulnerabilities , upgrading the ILMT version to the latest will fix it ? 
    i think Disabling TLS 1.0 and 1.1 is configuration issue won't be solved by the upgrade. The needed is to enable TLS 1.2 



    Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server Supports Transport Layer Security (TLSv1.1) over ssl 8083 Serious
    Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server supports Transport Layer Security (TLSv1.0) over ssl 8083 Serious
    IBM BigFix Information Disclosure Vulnerability (ibm10870242)   52311 Serious
    SSL Certificate - Signature Verification Failed Vulnerability over ssl 52315 Medium
    SSL Certificate - Signature Verification Failed Vulnerability over ssl 9081 Medium
    SSL Certificate - Signature Verification Failed Vulnerability over ssl 8083 Medium
    SSL Certificate - Signature Verification Failed Vulnerability over ssl 1433 Medium
    SSL Certificate - Signature Verification Failed Vulnerability over ssl 443 Medium
    SSL Certificate - Subject Common Name Does Not Match Server FQDN over ssl 9081 Medium
    SSL Certificate - Subject Common Name Does Not Match Server FQDN over ssl 443 Medium
    SSL Certificate - Self-Signed Certificate over ssl 9081 Medium
    SSL Certificate - Self-Signed Certificate over ssl 8083 Medium
    SSL Certificate - Self-Signed Certificate over ssl 1433 Medium
    Potential TCP Backdoor     Critical
    Host is Vulnerable to Extended Master Secret TLS Extension (TLS triple handshake) over ssl 8083 Serious


    ------------------------------
    Mohammad Tulaib
    ------------------------------