7May
Nexpose reporting ciphers not present in machine
Nexpose reports the following vulnerability:
TLS/SSL Server Supports The Use of Static Key Ciphers. Negotiated with the following insecure cipher suites:
TLS 1.2 ciphers: TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384
But the Get-TlsCipherSuite
command outputs only these ciphers are present in the machine:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
How can I get rid of the vulnerability?