Nessus Scan Finds Older SSL/TLS Versions in Use by P6 EPPM (Doc ID 2470019.1)

Last updated on DECEMBER 03, 2019

Applies to:

Primavera P6 Enterprise Project Portfolio Management - Version 8.4.15.0 and later
Information in this document applies to any platform.

Symptoms

Nessus security scanner keeps finding older SSL/TLS protocols (TLSv0, TLSv1, SSLv4) being supported by the Primavera servers.
How can this be changed to support TLS 1.1 and 1.2 and NOT previous versions?

P6.OUT will contain messages similar to:

ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Handshake, length = 512
*** ClientHello, TLSv1
RandomCookie: GMT: 1689355773 bytes = { 41, 16, 207, 201, 178, 238, 132, 74, 17, 27, 227, 4, 158, 55, 26, 250, 201, 240, 0, 204, 86, 92, 154, 9, 117, 125, 137, 66 }
Session ID: {}

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Nessus Scan Finds Older SSL/TLS Versions in Use by P6 EPPM (Doc ID 2470019.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!