Re: How to remediate the "SSL Medium Strength Ciph... - Qlik Community

PraveenArelli · ‎2022-01-31

Hi team,

I need your help/suggation on the vulnerabilities.

how to remediate the "SSL Medium Strength Cipher Suites Supported (SWEET32)" -port -4953 -vulnerability.

When I was check with the port number, it is showing the file as "nl-app-search.exe"

but we are not getting whats the issue is with it ?

Can any one know the issue of it please let us know.

really appriciate your help.

thanks.

Regards
Praveen

Chip_Matejowsky · ‎2022-01-31

Hi @PraveenArelli,

So this is more of a Windows issues than a Qlik Sense issue. What version of Qlik Sense are you running? There is a Qlik Sense Help entry as well as couple of Qlik Support articles regarding remediation of SSL Medium Strength Cipher Suites Supported (SWEET32) to review:

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!

PraveenArelli · ‎2022-01-31

Hi Jowsky,

1st of all thank you for your response.

and we were followed all of the above instructions already, that was helped us to resolve the many things but we stucked with the only one that sweet32 with port-4953.

Really we need help on this. as I told that , when we check with the port number, it is pointing to "nl-app-search.exe".

Regards

Praveen

Maria_Halley · ‎2022-02-01

@PraveenArelli

This is reported as a defect.

The defect but I am not 100% sure that it has been released yet

PraveenArelli · ‎2022-02-07

We are using Latest version Nov 2021, Ptach-3, I believe if it's a bug not yet released.

if it's not a bug, any suggestions to resolve it ?

Maria_Halley · ‎2022-02-07

Hi,

This is fixed in Qlik Sense November 2021SR4.

See release notes

QlikSense Release notes

PraveenArelli · ‎2022-02-08

Hi Halley,

Thanks for your response.

But unfortunately, the issue is not yet resolved after upgrading to Nov 2021, Patch-4 also.

please let me know , if any changes or settings required for remediate the port-4953 vulnerability.

Regards

Praveen

Maria_Halley · ‎2022-02-10

@PraveenArelli

Can you try this? (always make sure you have backups before changing the configuration)

1. Open C:\Program Files\Qlik\Sense\ServiceDispatcher\services.conf in edit mode(admin)
2. Add "--tls-min-version=TLS12" as nl-app-search parameter as shown below

[nl-app-search.parameters]
--mode=server
--port=${NLAppSearchPort}
--log-path=${LogPath}
--qrs-port=${QrsPort}
--capability-service-port=${CapabilityPort}
--dps-port=${DataPrepPort}
--tls-min-version=TLS12

PraveenArelli · ‎2022-02-14

Hi Maria,

yes, we applied these changes also, but no luck this time also.

still Sweet32 for port-4953 vulnerability is exist.

please take it as priority one, we need it very urgent and important to us.

Regards

Praveen

Maria_Halley · ‎2022-02-16

@PraveenArelli

I think at this point you need to create a case.

Create case

How to remediate the "SSL Medium Strength Cipher Suites Supported (SWEET32)" -port 4953

Administration

Security