cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Vulnerable Enterprise Vault on IIS

galangtegar
Level 4

‎07-29-2018 07:52 PM

Dear Guys

I have implement enterprise vault 12.2 in my customer and then when we want to go live, their security policy scan the ev server website with acunetix web scan, they found 3 issue, one issue is high and then two more is medium, we can't go live if the enterprise vault website has vulnerability, result of webscan is below

  1. Microsoft IIS tilde directory enumeration (this is high Risk)
  2. RC4 cipher suites detected (Medium Risk)
  3. The POODLE attack (SSLv3 supported) (medium risk)

so what i have to do to resolve this vulnerability ?

please help if you have experience about that, any help would be apreciated 

 

Thanks 

 

 

0 Kudos
1 REPLY 1

PaulGrimshaw
Level 4

‎07-30-2018 04:57 PM

Ultimately you would need to raise a support case so we could look at these vulernabilities.

Enterprise Vault Senior Principal Engineer APJ
0 Kudos