We had an audit performed and it found that our Sophos 10.3.11 endpoints were vulnerable to the CVE-2014-0224 man in the middle attack on ecmnet (8194/tcp) http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://www.securityfocus.com/bid/67899 I think the scan was done using OpenVAS.
I need to show that we aren't really vulnerable and *WHY*. Or if we are, what is the plan to fix it. Can you guys help me out with this?
Hi there,
This isn't actually related to Sophos.
However you can try a quick fix on a test machine.
Open Internet Explorer>Internet Options>Advanced, scroll down to SSL, uncheck 1.0. and retest. If this works for you you can push the settings to all endpoints using Group Policy.
I haven't tested this so I'm not sure if this is the cause of the issue.
Regards.
Hi there,
This isn't actually related to Sophos.
However you can try a quick fix on a test machine.
Open Internet Explorer>Internet Options>Advanced, scroll down to SSL, uncheck 1.0. and retest. If this works for you you can push the settings to all endpoints using Group Policy.
I haven't tested this so I'm not sure if this is the cause of the issue.
Regards.
