Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Prime
Contributor

TLS Version 1.0 and 1.1 Protocol Detection Vulnerbility

We not using Checkpoint remote VPN in current setup but still we want to fix the TLS related below mentioned vulnerability.

TLS Version 1.0 and 1.1 Protocol Detection Vulnerbility.

We have VSX deployment and running r80.10 gaia os.

Also what will be the impact if we disable 1.1 and enable 1.2.

0 Kudos
12 Replies
Chris_Atkinson
Employee Employee
Employee

I assume the context here is sk154532 what other blades are enabled in the environment?

CCSM R77/R80/ELITE
0 Kudos
Prime
Contributor

Can you share me the sk154532 link?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Note access to some SK articles may depend on you support/partner/certification level.

CCSM R77/R80/ELITE
Prime
Contributor

Do I need to install policy after making the changes?
0 Kudos
PhoneBoy
Admin
Admin

Yes
0 Kudos
Prime
Contributor

I have made changes today..waiting for the team to re-scan and check if we still get this vulnerability or not.
0 Kudos
Prime
Contributor

We have received report from VAPT team after rescanning the Checkpoint devices, still this Vulnerability is showing Open in the report.

0 Kudos
PhoneBoy
Admin
Admin

Recommend working with the TAC on this.
0 Kudos
Prime
Contributor

TAC has shared below sk.

Kindly check sk132712, if this is relevant? (For Disabling TLS1.0 and TLS1.1)

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Relevance probably depends on which ports the scan revealed the lower TLS versions for.
CCSM R77/R80/ELITE
0 Kudos
Prime
Contributor

vapt report says for port 443
0 Kudos
Prime
Contributor

We followed the sk147272 on both the cluster member to mitigate TLS and sweet32 vulnerabilities and re-scaned the device now we don't see this in open.

Issue resolved

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events