A fix is available
APAR status
Closed as program error.
Error description
The original issue is that IBM Systems Director agent is giving error on the security scan. Customer got the following security exceptions: 5336/tcp/www: SSL Enabled Server Supports Medium Strength SSL Encryption Certificates/Cipher 5336/tcp/www: SSL Enabled Server Supports Weak SSL Encryption Certificates/Cipher 5336/tcp/www: IETF X.509 Certificate Signature Collision Vulnerability Further investigation shows that 1. Port 5336 is open only on AIX platform, used by pconsole; 2. Another port 8422, which uses the same keystore as of 5336, has strong cipher suites enabled and no security exception was thrown against this port. 3. The solution for port 5336 security issue is to enable strong cipher suites for this port also. Port 5536 was using the default ciphers provided by LWI 8.1.0.3. This needs to be changed by LWI and pconsole configurations.
Local fix
N/A
Problem summary
pconsole was using ciphers which are no longer considered secure
Problem conclusion
Changes are done in LWI CF framework to enable strong ciphers
Temporary fix
Comments
6100-07 - use AIX APAR IV50606 6100-08 - use AIX APAR IV57896 6100-09 - use AIX APAR IV54021 6100-09 - use AIX APAR IV54021 6100-09 - use AIX APAR IV54021 7100-01 - use AIX APAR IV57593 7100-02 - use AIX APAR IV57071 7100-03 - use AIX APAR IV54148 7100-04 - use AIX APAR IV54232
APAR Information
APAR number
IV57593
Reported component name
AIX V7.1
Reported component ID
5765H4000
Reported release
710
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Submitted date
2014-03-26
Closed date
2014-03-26
Last modified date
2016-05-10
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
AIX V7.1
Fixed component ID
5765H4000
Applicable component levels
R710 PSY U861817
UP14/08/12 I 1000
PTF to Fileset Mapping
U861817 sysmgt.pconsole.rte 7.1.1.16
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSMV87","label":"AIX 6.1 Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"710","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSMVAX","label":"AIX Express Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"710","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11R","label":"AIX 7.1 HIPERS, APARs and Fixes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"710","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
10 May 2016