I know this has been hit upon a few times already, but I’m not finding an answer that helps. I am running the latest Community Edition 22.8.0 built from source. I am trying to run a simple 1 port scan against a single host that has been shown to have a SWEET32 vulnerability.
If I run nmap from the cli of my GB scanner it finds it
My scanner config is set to scan all SSL
But the report isn’t showing anything found for weak suites
Appreciate any insight.
Thanks.
Hello,
and welcome to this community forum.
Please see the answer below given about the same topic in the past. In short it is very likely that this is a Non-HTTP service and that the relevant TLS_RSA_WITH_3DES_EDE_CBC_SHA can be found in the output of the SSL/TLS: Report Medium Cipher Suites (OID: 1.3.6.1.4.1.25623.1.0.902816) result.
cfi,
I appreciate the response. I saw that article and didn’t feel it really applied as the device does have a webpage that is accessible via browser, mostly. It is the webpage for the API interface. As I could browse to it and pull the cert from within the browser I didn’t think this applied. I may have been thinking incorrectly though… Thoughts?
Matt
I would check a few things in this case:
Services (OID: 1.3.6.1.4.1.25623.1.0.10330) for port 10010/tcp included in the report?10010/tcp: Does the result have a A web server is running on this port message?SSL/TLS: Report Supported Cipher Suites (1.3.6.1.4.1.25623.1.0.802067) for port 10010/tcp included in the report?10010/tcp: Does the result includes the affected TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher?If any of these question can be answered with no then no reporting for SWEET32 will be done.