CVE-2016-2183: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

This vulnerability can be remediated using group policy.

  • Computer Configuration > Administrative Templates > Network > SSL Configuration Settings
    • In SSL Cipher Suite Order, enable the policy if it is not already enabled
    • Delete these cipher suites from the list:
      • TLS_RSA_WITH_3DES_EDE_CBC_SHA
      • TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  • Quit Group Policy and restart the server.

Using PowerShell

  • Get-TlsCipherSuite -Name DES
  • Disable-TlsCipherSuite -Name TLS_RSA_WITH_3DES_EDE_CBC_SHA
  • Get-TlsCipherSuite -Name DES (to verify)
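
The steps above combined into one script, as an added example that is not part of the original page: it disables every enabled 3DES suite rather than a single one, checks whether the SSL Cipher Suite Order policy still lists 3DES, and verifies the result. The helper names Get-Enabled3Des and Get-Policy3Des are hypothetical; it assumes an elevated session and the TLS module cmdlets (Windows Server 2016 / Windows 10 or later).

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original page): disable all enabled 3DES suites, then verify.

# Registry key written by the "SSL Cipher Suite Order" group policy.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'

function Get-Enabled3Des {
    # -Name is a case-sensitive substring match, so '3DES' covers the
    # TLS_RSA_* and TLS_DHE_DSS_* variants named on this page.
    @(Get-TlsCipherSuite -Name '3DES' | Select-Object -ExpandProperty Name)
}

function Get-Policy3Des {
    # The policy stores its ordered suite list in the "Functions" value
    # (comma-separated string; joined first in case it is multi-string).
    $value = (Get-ItemProperty -Path $policyKey -Name Functions `
                               -ErrorAction SilentlyContinue).Functions
    if (-not $value) { return @() }
    @(($value -join ',') -split ',' |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ -like '*3DES*' })
}

# 1. Disable whatever is currently enabled.
$before = @(Get-Enabled3Des)
foreach ($name in $before) {
    Disable-TlsCipherSuite -Name $name
    Write-Output "Disabled $name"
}

# 2. A policy-defined list is managed in Group Policy, so flag it separately.
$inPolicy = @(Get-Policy3Des)
if ($inPolicy.Count -gt 0) {
    Write-Warning ("SSL Cipher Suite Order policy still lists: " +
                   ($inPolicy -join ', ') + ". Remove them in the policy too.")
}

# 3. Verify: fail loudly if anything is left enabled.
$remaining = @(Get-Enabled3Des)
if ($remaining.Count -gt 0) {
    Write-Error "Still enabled: $($remaining -join ', ')"
    exit 1
}
Write-Output "No 3DES cipher suites enabled ($($before.Count) disabled in this run)."
```
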

Reference: NIST 
