Bug 44833

Summary: make univention-management-console-server ciphers configurable
Product: UCS
Reporter: Jens Thorp-Hansen <thorp-hansen>
Component: UMC (Generic)
Assignee: UMC maintainers <umc-maintainers>
Status: CLOSED DUPLICATE
QA Contact: UMC maintainers <umc-maintainers>
Severity: normal
Priority: P5
CC: best
Version: UCS 4.2
Target Milestone: ---
Hardware: Other
OS: Linux
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2017061521000462
Bug group (optional):
Max CVSS v3 score:

Description Jens Thorp-Hansen univentionstaff 2017-06-21 10:16:12 CEST
Relevance: important for PCI-DSS

Pentest:
Port 6670 weak ciphers:
 
Accepted TLSv1.2 112 bits DES-CBC3-SHA
Accepted TLSv1.2 56 bits DES-CBC-SHA
Accepted TLSv1.1 112 bits DES-CBC3-SHA
Accepted TLSv1.1 56 bits DES-CBC-SHA
Accepted TLSv1.0 112 bits DES-CBC3-SHA
Accepted TLSv1.0 56 bits DES-CBC-SHA
Accepted TLSv1.0 128 bits RC4-SHA
Accepted TLSv1.0 128 bits RC4-MD5
Accepted TLSv1.1 128 bits RC4-SHA
Accepted TLSv1.1 128 bits RC4-MD5
Accepted TLSv1.2 128 bits RC4-SHA
Accepted TLSv1.2 128 bits RC4-MD5

The used ciphers should be configurable.
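
Added example, not part of the original report and not Univention code: a small Python check that parses "Accepted ..." scan lines like the ones above, groups the weak suites (3DES, single DES, RC4) by protocol, and derives matching exclusion terms in OpenSSL cipher-list syntax. The sample input is constructed from the report plus one AES line added for contrast; how the UMC server consumes a cipher list is not shown on this page and is not assumed here.

```python
import re

# Constructed sample: some lines from the report above, plus one strong suite
# (AES256-GCM-SHA384) that is NOT in the report, added to show a non-finding.
SAMPLE_SCAN = """\
Accepted TLSv1.2 112 bits DES-CBC3-SHA
Accepted TLSv1.0 112 bits DES-CBC3-SHA
Accepted TLSv1.2 56 bits DES-CBC-SHA
Accepted TLSv1.0 128 bits  RC4-SHA
Accepted TLSv1.0 128 bits  RC4-MD5
Accepted TLSv1.2 256 bits AES256-GCM-SHA384
"""

LINE_RE = re.compile(r"^\s*Accepted\s+(\S+)\s+(\d+)\s+bits\s+(\S+)\s*$")

# (token in the OpenSSL suite name, reason, OpenSSL cipher-list exclusion term)
WEAK_RULES = [
    ("DES-CBC3", "3DES: 64-bit block cipher", "!3DES"),
    ("DES-CBC-", "single DES: 56-bit key", "!DES"),
    ("RC4", "RC4: biased keystream, prohibited by RFC 7465", "!RC4"),
]

def classify(suite):
    """Return (reason, exclusion) for a weak suite name, or None."""
    for token, reason, exclusion in WEAK_RULES:
        if token in suite:
            return reason, exclusion
    return None

def audit(scan_text):
    """Map each weak accepted suite to its reason, key bits and protocols."""
    findings = {}
    for line in scan_text.splitlines():
        m = LINE_RE.match(line)
        verdict = classify(m.group(3)) if m else None
        if verdict is None:
            continue  # not an "Accepted" line, or not a weak suite
        entry = findings.setdefault(m.group(3), {
            "reason": verdict[0], "exclude": verdict[1],
            "bits": int(m.group(2)), "protocols": set()})
        entry["protocols"].add(m.group(1))
    return findings

def exclusion_string(findings):
    """Exclusion terms for the weak families seen, in rule order."""
    used = {f["exclude"] for f in findings.values()}
    return ":".join(rule[2] for rule in WEAK_RULES if rule[2] in used)

if __name__ == "__main__":
    report = audit(SAMPLE_SCAN)
    for suite, info in sorted(report.items()):
        print(suite, info["bits"], sorted(info["protocols"]), info["reason"])
    print("exclude:", exclusion_string(report))
```

Re-running the same scan after the cipher list is changed and feeding the output to `audit()` should return an empty dict.
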
Comment 1 Florian Best univentionstaff 2017-06-21 12:03:01 CEST
I fixed this yesterday in Bug #40998.

*** This bug has been marked as a duplicate of bug 40998 ***