InfoSphere Guardium fails PCI vulnerability scan "OpenBSD OpenSSH 4.3 on Check Point GAiA"

Troubleshooting

Problem

These document discusses some vulnerabilities that may be reported with the Guardium appliance from a PCI scan.

Symptom

PCI vulnerability scan on Guardium reports the following vulnerabilities:

 

EMAILADDRESS=support@guardium.com, CN=guardium.com, OU=CA, O=""
Guardium, Inc."", L=Waltham, ST=Massachusetts, C=US -- Path does not
chain with any of the trust anchors. The list of well-known, trusted
CAs is:

 
OpenBSD OpenSSH 4.3 on Check Point GAiA (Linux 2.6)
TLS/SSL certificate signed by unknown, untrusted CA:

 
TLS/SSL certificate is self-signed.

 
The subject common name found in the X.509 certificate ('CN=gmachine')
does not seem to match the scan target '':

 
SSL certificate is signed with MD5withRSA

 
 Length of RSA modulus in X.509 certificate: 1024 bits (less than 2047bits)

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"--","Platform":[{"code":"PF016","label":"Linux"}],"Version":"9.0;8.2","Edition":"","Line of Business":{"code":"LOB76","label":"Data Platform"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Tips

InfoSphere Guardium fails PCI vulnerability scan "OpenBSD OpenSSH 4.3 on Check Point GAiA"

Troubleshooting

Problem

Symptom

Log InLog in to view more of this document

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?