New Member
•
3 Messages
Fixing SSL Vulnerabilities
Hi,
We've been having an issue for a little while now. We have a card reader at our office and it uses Trustwave to scan for vulnerabilities each month. The last scans have been showing these results:
CVE-2004-2761 Insecure certifcate Signature Algorithm in Use
CVE-2013-2566 SSL/TLS Weak Encryption Algorithms
CVE-2015-2808
We need to fix these otherwise we will be going out of compliance and that's obviously bad since we run a business here and need said compliance for our patients/customers. I've tried updating our sonicwall's firmware to the most recent build and that still has not fixed it. I can list any information you would need but I appreciate any suggestions you could give.
Thank you.
Billshrinkers
New Member
•
3 Messages
9 years ago
Ah I see. It does help me though, I hadn't thought of the card reader's firmware yet. Thanks, I'll go with that step next.
0
0
VBSSP-RICH
Advocate
•
1.4K Messages
9 years ago
Hello Billshrinkers and welcome,
Unfortunately Comcast is not able to do anything pertaining to PCI Compliancy within the Comcast Gateways. These compliancy issues you reflected :
"
CVE-2004-2761 Insecure certifcate Signature Algorithm in Use
CVE-2013-2566 SSL/TLS Weak Encryption Algorithms
CVE-2015-2808
"
lead me to believe that your card reader itself needs to be updated with a secure certificate Signature Algorithm, which may also take care of the SSL/TSL Weak Encrption Algorithm. I believe you should contact the card reader manufacturer to see if there is a remote or direct means to update the firmware and get these PCI issues resolved.
Hope this helps you out.
0
0