Support #11147
Support #11071: [SCP ID :##5446##] : PCI DSS Finding: Jquery Vulnerablity and Beast attack enable
[11071] Beast attack enable
Status: | Closed - End of life cycle | Start date: | August 19, 2020 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Nurul Athira Abdul Rahim | % Done: | 100% | |
Category: | - | Spent time: | - | |
Target version: | - |
Description
Combined issue with redmine 11071, Jquery has been updated and resolved. (Deploy by 19/08/20
Hi CF, please use this redmine ID to update the BEAST ATTACK ANABLE progress.
History
#1 Updated by Chun Feng Lim about 4 years ago
- Status changed from New - Begin Life Cycle to Development / Work In Progress
- % Done changed from 0 to 50
Beast attack vulnerability are due to domain/website allowed weak tls 1.0. Hence by disabling tls 1.0 will able to resolve this issue. As related to PCI DSS unsecure tls usage, we ensure IBM web server are disabled tls 1.0 and 1.1. BSN server team haven get back to us on the investigation of which device currently holding the domain name still allow tls 1.0 currently
#2 Updated by Chun Feng Lim about 3 years ago
- File BSN Cert Scan.pdf added
- Status changed from Development / Work In Progress to Closed - End of life cycle
- Assignee changed from Chun Feng Lim to Nurul Athira Abdul Rahim
- % Done changed from 50 to 100
BSN Network Team has perform remediation/fix's in their network lv not to allow TLS 1.0 & 1.1. Problem has been resolved