APAR status
Closed as program error.
Error description
Result of Nessus scan on ISPIM 2.0.2 appliance result revealed a 'low' severity vulnerability citing "SSH Weak MAC Algorithms Enabled". Technote http://www-01.ibm.com/support/docview.wss?uid=swg21902103 "SSH Weak MAC Algorithms Enabled" vulnerability mitigation on Network IPS appliances" instructs how to fix this to place these two lines at the end of file /etc/ssh/sshd_config Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,ar cfour MACs hmac-sha1,hmac-ripemd160 Using the facilities of the appliance dashboard options, causing these two lines to be so added was not possible.
Local fix
Problem summary
Result of Nessus scan on ISPIM 2.0.2 appliance result revealed a 'low' severity vulnerability citing "SSH Weak MAC Algorithms Enabled". Technote http://www-01.ibm.com/support/docview.wss?uid=swg21902103 "SSH Weak MAC Algorithms Enabled" vulnerability mitigation on Network IPS appliances"
Problem conclusion
Fixed in 2.0.2.6
Temporary fix
Comments
APAR Information
APAR number
IV82807
Reported component name
SEC PIM VIRTAPP
Reported component ID
5725H30VA
Reported release
202
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-03-18
Closed date
2016-06-30
Last modified date
2016-06-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SEC PIM VIRTAPP
Fixed component ID
5725H30VA
Applicable component levels
R202 PSY
UP
[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRQBP","label":"IBM Security Privileged Identity Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"202"}]
Document Information
Modified date:
10 September 2020