ACP-1718 SSL V3 is Vulnerable to Obscure Attack - Should be TLS Only

Home

Projects

Password Login

Gemini Password Reset
Username

Geminiclose

Gemini Password Reset
Please provide your username. A password reset confirmation email will be sent to your email address.
Username

Projects

ACP: ACP Observatory Control Software
- Summary
- Items
- Testing
- Road Map
- Change Log
- Versions
- Components
- Documents
- Time
- Reports

Items

Type:

Limitation

Priority:

High

Severity:

Minor

Status:

Closed

Resolution:

Complete

Resources:

Bob Denny

Reported By:

Bob Denny

Component:

Web Server and ASP engine

Fixed In Version:

8.3

Versions Affected:

8.2.2

Start Date:

2/19/2020

Percent Complete:

Created:	8/21/2019 3:27:55 PM
Revised:	2/24/2020 3:51:16 PM
Closed:	2/24/2020 3:48:41 PM
Resolved:	2/24/2020 3:48:46 PM

See this Comm Center thread by Tonis Enmae. The SSL v3 in the Dart engine should be TLS. Though this is a "low value" service it should still eventually be upgraded. I will file a ticket with Dart on this.

Links
ACP-1668		Add TLS Web Server Info to ACP.Application API	Grouped

Comments (6)	Attachments (0)	Links (1)	Time (3)	History

Projects

ACP: ACP Observatory Control Software

Links