Hi Team,
This is regarding case#2009107691.
The customer has mentioned they have received Vulnerability reports from security team for netapp cluster, they need our help in eliminating those threats.
Totally 80 threats are found and reported by customer, I am attaching few below:
| Hidden RPC Services |
| ypbind RPC Daemon Present Vulnerability |
| SSL Certificate - Self-Signed Certificate |
| SSL Certificate - Subject Common Name Does Not Match Server FQDN |
| SSL Certificate - Improper Usage Vulnerability |
| SSL Certificate - Signature Verification Failed Vulnerability |
| SSL Certificate - Invalid Maximum Validity Date Detected |
| Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server Supports Transport Layer Security (TLSv1.1) |
| Presence of a Load-Balancing Device Detected |
| Host is Vulnerable to Extended Master Secret TLS Extension (TLS triple handshake) |
| Remote Access or Management Service Detected |
| Operating System Detected |
| Open RPC Services List |
| Web Server HTTP Protocol Versions |
| Hidden RPC Services |
| ypbind RPC Daemon Present Vulnerability |
| SSL Certificate - Self-Signed Certificate |
| SSL Certificate - Subject Common Name Does Not Match Server FQDN |
| SSL Certificate - Improper Usage Vulnerability |
| SSL Certificate - Signature Verification Failed Vulnerability |
| SSL Certificate - Invalid Maximum Validity Date Detected |
| Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server Supports Transport Layer Security (TLSv1.1) |
| Presence of a Load-Balancing Device Detected |
| Host is Vulnerable to Extended Master Secret TLS Extension (TLS triple handshake) |
| Remote Access or Management Service Detected |
| Operating System Detected |
| Open RPC Services List |
| Web Server HTTP Protocol Versions |
| DNS Host Name |