While accessing JDE
on Google Chrome version 45+ or Firefox Version 40+ getting following message
Cause for an Issue:
Since this symptom is related to the Logjam vulnerability. (CVE-2015-4000). The TLS protocol 1.2 and earlier, when a DHE_EXPORT cipher-suite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Solution:
CVE 2015-4000 is fixed in Oracle Critical Patch Update July 2015, so you need to patch the Java Version of your WebLogic instance
If using jRockit, update your jRockit version to minimum 1.6.0_101
If using Oracle Java 6, update your Java 6 to minimum 1.6.0_101
If using Oracle Java 7, update your Java 7 to minimum 1.7.0_85
Since this symptom is related to the Logjam vulnerability. (CVE-2015-4000). The TLS protocol 1.2 and earlier, when a DHE_EXPORT cipher-suite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Solution:
CVE 2015-4000 is fixed in Oracle Critical Patch Update July 2015, so you need to patch the Java Version of your WebLogic instance
If using jRockit, update your jRockit version to minimum 1.6.0_101
If using Oracle Java 6, update your Java 6 to minimum 1.6.0_101
If using Oracle Java 7, update your Java 7 to minimum 1.7.0_85
This started working after updating java
On a firefox browser there is a workaround by which JD
Edwards access is possible
Type about:config in the link
Click on I’ll be careful, I promised
Type ‘dhe’ in search bar
Change value of ‘security.ssl3.dhe_rsa_aes_128_sha’ to false
from true
Change value of ‘security.ssl3.dhe_rsa_aes_256_sha’ to false
from true
No comments:
Post a Comment