Nessus Scan Finds Older SSL/TLS Versions in Use by P6 EPPM
(Doc ID 2470019.1)
Last updated on MARCH 22, 2022
Applies to:
Primavera P6 Enterprise Project Portfolio Management - Version 8.4.15.0 and laterInformation in this document applies to any platform.
Symptoms
Nessus security scanner keeps finding older SSL/TLS protocols (TLSv0, TLSv1, SSLv4) being supported by the Primavera servers.
How can this be changed to support TLS 1.1 and 1.2 and NOT previous versions?
P6.OUT will contain messages similar to:
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Handshake, length = 512
*** ClientHello, TLSv1
RandomCookie: GMT: 1689355773 bytes = { 41, 16, 207, 201, 178, 238, 132, 74, 17, 27, 227, 4, 158, 55, 26, 250, 201, 240, 0, 204, 86, 92, 154, 9, 117, 125, 137, 66 }
Session ID: {}
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |