New Member
•
2 Messages
CG3000DCR - Fixing SSL vulnerabilities
Hello:
We routinely scan all of our external points of presence for network vulnerabilities and wonder how Comcast handles remediating vulnerabilities that have been identified? What is the reporting mechanism for customers to get this information to Comcast for remediation?
We are running a CG3000DCR, with firmware V1.33.03. The curent vulnerabilties that have been identified by our scanner are:
- CVE-2014-0224
- SSL Connection: Weak Ciphers Enabled
- SSL Connection: SSL Version 2 Enabled
- SSL Certificate: Chain Contains Weak RSA Keys
Please advise as to how we can get these items remediated.
Accepted Solution
AFCU
New Member
•
2 Messages
10 years ago
Thanks, Comcast_John. We'll give the firmware upgrade a try. I've read about some issues with 1.34.04 in this forum: Is this a stable build?
0
0
train_wreck
Gold Problem solver
•
610 Messages
10 years ago
I do not have a specific answer as to how each of those issues could be fixed, but i will say that your device's firmware 1.33.03 is close to a year old; the current version is 1.34.04, i believe.
Perhaps Comcast_Jon/Comcast_John could provide more insight as to whether these issues are addressed in later firmware revisions.
0
0
CC_John
Retired Employee
•
1.9K Messages
10 years ago
HI AFCU. Any issues or problems with your service can be handled by the Business SErvice Center @ 1-800-391-3000.
I contacted the Equipment Engineering Team for assistance on this issue. They recommend updating the Firmware to version 1.34.04 and retest. To get the latest version you can power down the Netgear for at least 2 minutes, the latest version will download your device. If the device still shows your old version please let me know.
Thank You
0
0