Skip to main content

Security & Governance

Discussion board where members can learn more about Qlik Sense deployments which are governed and self-service.

Announcements
Welcome to Qlik Community! Check out our new navigation! FIND OUT MORE
cancel
Showing results for 
Search instead for 
Did you mean: 
PraveenArelli
Contributor II
Contributor II

How to remediate the "SSL Medium Strength Cipher Suites Supported (SWEET32)" -port 4953

Hi team,

I need your help/suggation on the vulnerabilities.

how to remediate the "SSL Medium Strength Cipher Suites Supported (SWEET32)" -port -4953 -vulnerability.

When I was check with the port number, it is showing the file as "nl-app-search.exe"

but we are not getting whats the issue is with it ?

Can any one know the issue of it please let us know.

really appriciate your help.

thanks.

 

Regards
Praveen

 

 

 

Labels (2)
10 Replies
Chip_Matejowsky
Support
Support

Hi @PraveenArelli,

So this is more of a Windows issues than a Qlik Sense issue.  What version of Qlik Sense are you running?  There is a Qlik Sense Help entry as well as couple of Qlik Support articles regarding remediation of SSL Medium Strength Cipher Suites Supported (SWEET32) to review:

Best Regards

Sr. Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!
PraveenArelli
Contributor II
Contributor II
Author

Hi Jowsky,

1st of all thank you for your response.

and we were followed all of the above instructions already, that was helped us to resolve the many things but we stucked with the only one that sweet32 with port-4953.

Really we need help on this. as I told that , when we check with the port number, it is pointing to  "nl-app-search.exe".

 

Regards

Praveen

Maria_Halley
Support
Support

@PraveenArelli

 

This is reported as a defect.

The defect but I am not 100% sure that it has  been released yet

PraveenArelli
Contributor II
Contributor II
Author

We are using Latest version Nov 2021, Ptach-3, I believe if it's a bug not yet released.

if  it's not a bug, any suggestions to resolve it ?

 

 

Maria_Halley
Support
Support

 

Hi,

 

This is fixed in Qlik Sense November 2021SR4. 

 

See release notes

QlikSense Release notes

PraveenArelli
Contributor II
Contributor II
Author

Hi Halley,

Thanks for your response.

But unfortunately, the issue is not yet resolved after upgrading to Nov 2021, Patch-4 also.

please let me know , if any changes or settings required for remediate the port-4953 vulnerability.

Regards

Praveen

 

 

Maria_Halley
Support
Support

@PraveenArelli

 

Can you try this? (always make sure you have backups before changing the configuration)

 

1. Open C:\Program Files\Qlik\Sense\ServiceDispatcher\services.conf in edit mode(admin)
2. Add "--tls-min-version=TLS12" as nl-app-search parameter as shown below

 

[nl-app-search.parameters]
--mode=server
--port=${NLAppSearchPort}
--log-path=${LogPath}
--qrs-port=${QrsPort}
--capability-service-port=${CapabilityPort}
--dps-port=${DataPrepPort}
--tls-min-version=TLS12

PraveenArelli
Contributor II
Contributor II
Author

Hi Maria,

yes, we applied these changes also, but no luck this time also.

still Sweet32 for port-4953 vulnerability is exist.

please take it as priority one, we need it very urgent and important to us.

 

Regards

Praveen

 

 

Maria_Halley
Support
Support

@PraveenArelli

 

 I think at this point you need to create a case.

 

Create case