-
Bug
-
Resolution: Done
-
Normal
-
ACM 2.7.0
-
1
-
False
-
None
-
False
-
-
-
Observability Sprint 2023-03
-
Low
-
No
Description of problem:
Address the problem reported here https://issues.redhat.com/browse/ACM-2613
Steps to Reproduce:
Run secure-engineering deployment and exec into the pod and run
nmap Pn -sV --script ssl-enum-ciphers {}p 8443 insights{-}metrics
The command result shows 3des , which is the vulnerability.
apiVersion: batch/v1
kind: Job
metadata:
name: sec-eng
spec:
template:
- This is the pod template
spec:
containers:
- name: secure-engineering
image: quay.io/open-cluster-management/sec:latest
command: ['sh', '-c', 'echo "Hello, Kubernetes!" && sleep 3600']
restartPolicy: OnFailure
imagePullSecrets: - name: multiclusterhub-operator-pull-secret
Version-Release number of selected component (if applicable):
How reproducible:
Actual results:
Expected results:
Additional info:
- clones
-
ACM-3295 Remove 3des cipher for insights-metrics deployment
- Closed