Nagios NRPE vulnerabibility Issue
Posted: Mon Feb 24, 2020 11:26 pm
Around 500 machines is getting vulnerability issue on port 5666 [Nrpe Client]
NRPE Version using on server is 2.13 which is old version I know.
Vulnerability Details.
1.TLS Server Supports TLS version 1.0
2.TLS Server Supports TLS version 1.1
3.TLS/SSL Server is enabling the BEAST attack
4.TLS/SSL Server is enabling the POODLE attack
5.TLS/SSL Server Supports RC4 Cipher Algorithms (CVE-2013-2566)
6.TLS/SSL Server Supports The Use of Static Key Ciphers
Is there any option to fix this without upgrading the NRPE Client ?
Note: I am not using any SSL on Nagios Server and Nagios Client.
NRPE Version using on server is 2.13 which is old version I know.
Vulnerability Details.
1.TLS Server Supports TLS version 1.0
2.TLS Server Supports TLS version 1.1
3.TLS/SSL Server is enabling the BEAST attack
4.TLS/SSL Server is enabling the POODLE attack
5.TLS/SSL Server Supports RC4 Cipher Algorithms (CVE-2013-2566)
6.TLS/SSL Server Supports The Use of Static Key Ciphers
Is there any option to fix this without upgrading the NRPE Client ?
Note: I am not using any SSL on Nagios Server and Nagios Client.