Hi,
I have couple of Vulnerabilities to be remediated. While the workaround looks simple by disabling it in registry, i wanted to know the impact on SQL Server services running in the node because the scan report shows both the vulnerabilities on port 1433 TCP
SSL/TLS use of weak RC4(Arcfour) cipher
Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)
Thanks
Hi @udhayand-8188,
SSL/TLS use of weak RC4(Arcfour) cipher. SQL Server use Transport Layer Security (TLS) to encrypt data that is transmitted across a network between an instance of SQL Server and a client application. This increases the security of data transmitted across networks between instances of SQL Server and applications.
If you disable TLS, it is not security for data transmitted across networks between instances of SQL Server and applications.
SQL Database, SQL Managed Instance, and Azure Synapse Analytics enforce encryption (SSL/TLS) at all times for all connections. This ensures all data is encrypted "in transit" between the client and server irrespective of the setting of Encrypt or TrustServerCertificate in the connection string. Refer to this MS document.
By the way, starting with SQL Server 2016 (13.x), Secure Sockets Layer (SSL) has been discontinued. Use Transport Layer Security (TLS) instead.
If the response is helpful, please click "Accept Answer" and upvote it, thank you.
Yes i would love to. Problem is I have SQL server 2012/2014 instances as well and i need to fix these vulnerabilities reported by Qualys scan.
Thanks
Hi @udhayand-8188,
Suggest you using other solution to fix the vulnerabilities.
By the way, if the reply could help you, please "Accept answer" or "Up-Vote" for the same which might be beneficial to other community members reading this thread.
9 people are following this question.
