Skip to main content
NetApp Knowledge Base

Nmap scan of H610S reports a vulnerability specific to Diffie-Hellman groups with insufficient key strength

Views:
70
Visibility:
Public
Votes:
0
Category:
solidfire-chassis
Specialty:
solidfire
Last Updated:

Applies to

  • H610S
  • H610C
  • Triton
  • SolidFire
  • Nmap

Issue

Nmap scan output for the BMC of an H610S report insufficient key strength:

nmap --script ssl-dh-params X.X.X.X
Starting Nmap 7.92 ( https://nmap.org ) at 2023-05-17 12:39 MDT
Nmap
scan report for X.X.X.X
Host is up (0.022s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT STATE
SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
| ssl-dh-params:
| VULNERABLE:
| Diffie-Hellman Key
Exchange Insufficient Group Strength
| State: VULNERABLE
| Transport Layer Security (TLS) services that use
Diffie-Hellman groups
| of insufficient strength, especially those using one of a few commonly
| shared groups, may be
susceptible to passive eavesdropping attacks.
| Check results:
| WEAK DH GROUP 1
| Cipher Suite:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
| Modulus Type: Non-safe prime
| Modulus Source: RFC5114/1024-bit DSA
group with 160-bit prime order subgroup
| Modulus Length: 1024
| Generator Length: 1024
|
Public Key Length: 1024
| References:
|_ https://weakdh.org
5120/tcp open barracuda-bbs
49153/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 15.58 seconds

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.