Our security team did vulnerability scan on server running Splunk v6.1.3 and asked us to remediate CVE-2013-2566 vulnerability. The description they gave us is below:
SSH RC4 Cipher Enabled
The arcfour cipher is considered to be flawed.
Disable the arcfour cipher.
We checked with OS Vendor and they have given below solution. The issue is I am not sure where to apply the changes. I have checked files having RC4 but there are many..
-Find the applications which has been configured to use TLS/SSL on server, make the suggested changes in application configuration file as suggested in Workaround 1 or Workaround 2.
o For example, if httpd is running with SSL, then make the suggested changes in /etc/httpd/conf.d/ssl.conf
*Workaround 1: Use Stronger ciphers
*Workaround 2: Change the CipherOrder so that RC4 will be the least preferred
Can someone please advise on the same?