Agent 8.0.1 Scanned by Nessus

cglidden_apc · ‎2021-06-30

This was originally posted on APC forums on 5/11/2009

We are using APC PowerChute Business Edition 7.0.5 with 4 Agents of 8.0.1 on Windows Server 2003 machines. We run the Nessus security scanner against it, and it reports two "serious" problems with TCP port 2161 used by APC: SSL Server Allows Anonymous Authentication Vulnerability and SSL Server Supports Weak Encryption Vulnerability. Attaching the full output of the errors below:

SSL Weak Cipher Suites Supported
Synopsis :

The remote service supports the use of weak SSL ciphers.

Description :

The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.

See also :

http://www.openssl.org/docs/apps/ciphers.html

Solution :

Reconfigure the affected application if possible to avoid use of weak
ciphers.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Plugin output :

Here is the list of weak SSL ciphers supported by the remote server :

Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}

Nessus ID : 26928

First, I'm not convinced that this isn't a false positive. Can anyone confirm that APC PowerChute uses SSL to connect between the client and management server (I think that's what port 2161 is for)? I could find nothing via Google or on the APC web site to that effect. Note that I'm just talking about PowerChute with standard Smart-UPS batteries.

Any help would be great, trying to pass scans for auditors, and this throws a couple huge yellow flags up.

cglidden_apc · ‎2021-06-30

This was originally posted on APC forums on 5/13/2009

So this should be a non-issue? Shouldnt APC and Nessus work out that it should not be a vulnerability?
I just need some concrete evidance from APC about this before we have to remove their software for the UPS's.

Do you know if a newer version of the console, the paid for 8.0.1 version, would fix this?

See Answer In Context

BillP · ‎2021-06-30

This reply was originally posted by Angela on APC forums on 5/11/2009

[here is a thread on some of these issues|http://forums.apc.com/spaces/4/back-ups-surge-protectors/forums/general/4573/3-month-old-xs-900-turn...].

Ports Used by Powerchute Business Edition:

TCP
2161 - Communication between Server and Agent
2160 - Communication between Console and server (PCBE 6.x)
2260 - Communication between Console and server (PCBE 7.x)
3052 - Agent Web UI and Logging features

UDP
2161 - Discovery of Agents by Server
2160 - Discovery of Servers by Console
7846 - Business Edition SNMP Agent

cglidden_apc · ‎2021-06-30

This was originally posted on APC forums on 5/13/2009

So this should be a non-issue? Shouldnt APC and Nessus work out that it should not be a vulnerability?
I just need some concrete evidance from APC about this before we have to remove their software for the UPS's.

Do you know if a newer version of the console, the paid for 8.0.1 version, would fix this?

Agent 8.0.1 Scanned by Nessus

APC UPS Data Center & Enterprise Solutions Forum

Invite a Colleague

Agent 8.0.1 Scanned by Nessus

Forums

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started