Kibana 5601 port protocol & cipher can't detected

Septianingrum.17 · December 19, 2023, 3:29am

I just did a vulnerability scan and got the issue "SSH in Elastic server CBC Mode Ciphers Enabled" this vulnerability was detected on the Kibana server.

I have changed the server.ssl.cipherSuites and server.ssl.supportedProtocols configuration in the kibana.yml but the vulnerability is still detected in the next scan

configuration changes I made:

server.ssl.supportedProtocols: ["TLSv1.2", "TLSv1.3"]
server.ssl.cipherSuites: [ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 HIGH !aNULL !eNULL !EXPORT !DES !RC4 !MD5 !PSK !SRP !CAMELLIA]

is there another way to solve this issue?

Thank you,
Regards,
Septia

leandrojmp · December 19, 2023, 3:39am

This has no relation to Kibana, from what you described this is a vulnerability in your SSH server, not on Kibana, you need to fix it on your sshd server changing the ssd_config file.

This is out of the scope of this forum, but it is not hard to find how to fix it, check out this link as an example.

system · January 16, 2024, 3:39am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.