Bug #29244
closed[installer][insights] This host is running httpd with SSLv3.0 enabled and is therefore vulnerable to POODLE / CVE-2014-3566
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1795550
Description of problem:
Fresh installation of a RHEL-7.7/Satellite 6.6.1 reports SSLv3.0 enabled
Version-Release number of selected component (if applicable):
satellite-installer-6.6.0.21-1.el7sat.noarch
How reproducible:
Always
Steps to Reproduce:
1. Install RHEL-7.7/latest Satellite
2. Register insights-client
3. See reports on cloud.redhat.com/insights
Actual results:
"This host is running httpd with SSLv3.0 enabled and is therefore vulnerable to POODLE / CVE-2014-3566" reported by insights rules
Expected results:
Apache's TLS configuration should be limited to TLS-1.2 connections only.
Additional info:
Updated by The Foreman Bot about 4 years ago
- Status changed from New to Ready For Testing
- Assignee set to Eric Helms
- Pull request https://github.com/theforeman/puppet-foreman/pull/805 added
Updated by The Foreman Bot about 4 years ago
- Pull request https://github.com/theforeman/foreman-installer/pull/480 added
Updated by Ewoud Kohl van Wijngaarden about 4 years ago
- Status changed from Ready For Testing to Rejected
The host isn't actually listening on SSLv3, this is an insights bug.
https://github.com/theforeman/foreman-installer/pull/480#issuecomment-593843521