[OCPBUGS-51305] Vulnerability Identified: SSL Medium Strength Cipher Suites Supported (SWEET32) for tcp/10258 - Red Hat Issue Tracker

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: 4.14
Component/s: Cloud Compute / Cloud Controller Manager
Labels:
None

Regression:
None
Sprint:
CLOUD Sprint 268, CLOUD Sprint 269
sprint_count:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Description of problem:

Vulnerability Identified: SSL Medium Strength Cipher Suites Supported (SWEET32)
Port: 10258
Protocol: TCP
Cipher Suite(s): ECDHE-RSA-DES-CBC3-SHA, DES-CBC3-SHA (3DES with 168-bit keys)
CVE: CVE-2016-2183

The AWS CCM is expected to be listening on port 10258 on an AWS cluster. 

On the customers cluster it is listening but for me on the lab cluster it was not running. 

~~~~
netstat -tupan | grep '10258'
tcp6       0      0 :::10258                :::*                    LISTEN      1311638/aws-cloud-c
~~~

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

    1.
    2.
    3.

Actual results:

Expected results:

Additional info:

Assignee:: Rachel Ryan

Reporter:: Divyanshi Srivastava

QA Contact:: Zhaohua Sun

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/02/26 4:11 AM

Updated:: 2025/03/31 2:26 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates