Zimbra Forums

Zimbra Collaboration & Zimbra Desktop Forums
https://forums.zimbra.org/

SSL Server Allows Anonymous Authentication Vulnerability

https://forums.zimbra.org/viewtopic.php?t=66172

Page 1 of 1

SSL Server Allows Anonymous Authentication Vulnerability

Posted: Thu May 16, 2019 10:22 pm
by efonseca
Release 8.8.6_GA_1906.RHEL7_64_20171130041047 RHEL7_64 FOSS edition.

Good afternoon :

I have made several adjustments to the server to avoid the vulnerability presented by Qualys, it is presented in ports 25 and 465, it can help me correct the problem:

This is a sample of a scan with Zenmap

Re: SSL Server Allows Anonymous Authentication Vulnerability

Posted: Fri May 31, 2019 8:19 am
by phoenix
efonseca wrote:I have made several adjustments to the server to avoid the vulnerability presented by Qualys, it is presented in ports 25 and 465, it can help me correct the problem:
Read the wiki article on how to achieve an A+ on Qualys, that's covered there and you should get yourself on the most recent ZCS version.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited