Ibm® Sterling Connect: Direct




Download 84,26 Kb.
bet46/47
Sana24.03.2021
Hajmi84,26 Kb.
#13516
1   ...   39   40   41   42   43   44   45   46   47
Description of Fix: The fix adds the ability to engage a GSKit remediation for this vulnerability via a system environment variable named CD_GSK_OPTIONS. To enable the remediation, set the value of this system environment variable to GSK_ENFORCE_TDEA_RESTRICTION. Than cycle (stop and restart) Sterling Connect:Direct.

Caution: The effect of this remediation is to arbitrarily break a session after 32 GB of data have been transmitted.

Aside from the GSKit remediation, CD Secure+ Admin Tool (SPAdmin) and CD Secure+ CLI (SPCli) have been enhanced to display warnings when deprecated cipher suites or protocols have been configured, which includes all cipher suites using an RC4, DES/3DES or no encryption algorithm and the SSLv3 protocol. Note that deprecated cipher suites and protocols may be disabled in a future update.


Download 84,26 Kb.
1   ...   39   40   41   42   43   44   45   46   47




Download 84,26 Kb.