not involve
A certain site reported that there are two vulnerabilities in the SecPath F1080 device that need to be fixed.
"D isable SSL 2.0 and 3.0.
Use TLS 1.2 (with approved cipher suites) or higher instead."
Disable 3DES and medium-strength SSL ciphers (key lengths < 112 bits) and enable strong ciphers like AES-256 or TLS 1.2/1.3 compliant algorithms.
The firewall uses default cipher suites during the SSL interaction process for compatibility purposes when utilizing HTTPS and SSL VPN. These cipher suites inevitably include insecure algorithms, such as RC4. Therefore, it is necessary to create a secure SSL server policy to exclude these algorithms. The HTTPS and SSL VPN modules will then call the newly created SSL server policy, preventing the corresponding SSL-related vulnerabilities from being scanned.
See the attached document for details