Does anyone know what has been modified in vulnerability “TLS/SSL Weak Message Authentication Code Cipher Suites” which was done on 8th Jan 2024.
We saw lot of instances getting reopened which seems to be FP as there are no SHA1 or MD5 ciphers used on the servers and still vulnerability is getting flagged.
There are many more that were added, and looking at the proof text provided should hopefully provide you the information on what cipher is being flagged.
Were the checks of the 2 ciphers removed on Feb 26th? These are no longer appearing on reports. I’m seeing on that vulnerability that it was modified on the 26th.