[HCPUB-536] Update Ciphers for Hipchat Server (On-Prem) - Create and track feature requests for Atlassian products.

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

Type: Suggestion
Resolution: Fixed
Fix Version/s: None
Component/s: Installation/Update
Labels:
- no-cvss-required
- security
- ssl
- tls

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

We have setup the on-prem hipchat server and it got flagged on our vulnerability scan for insecure cipher suites. I was told the info was passed on to development and then asked to open the suggestion here so that it could be tracked. Request is to disable TLS1.0 support

Ciphers flagged:

Negotiated with the following insecure cipher suites: TLS 1.0
ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

relates to

HCPUB-2532 HipChat Server: Disable TLS v1

Closed

Assignee:: Avinoam

Reporter:: Joel Boekankamp

Archiver:: Michael Andreacchio

Created:: 08/Apr/2016 11:00 PM

Updated:: 19/Sep/2019 5:46 AM

Resolved:: 13/Dec/2017 12:24 AM

Archived:: 16/Jun/2020 5:19 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates