megaphone
Update your Profile with your Support type to get your Support Type badge.
Nominate Your Peers for NetSuite Support Community's Choice of the Quarter! Submit your nomination today.
Stay in the know of how NetSuite can help grow your business with our guides, webinars, and events. Subscribe Here
What Topic Should We Cover Next? Your idea could be our next feature—drop your suggestion now!
No Limits. Just possibilities. Join us for complimentary one-day events around the world and step into a future fueled by AI and limitless potential. Discover what's next at SuiteConnect Tour 2026.
Try Intelligent Payment Automation – Fee Free For Your First Month For more information, visit this thread.

Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here to watch and learn more!
Stay in the Know

Be sure you're subscribed to NetSuite communication to stay in the know about monthly happenings, updates and announcements. Subscribe
Please note that on Friday, March 20, 2026, at 8:00 PM Pacific time, our Case Management System will undergo a scheduled maintenance for approximately 4 hours. During this time, case creation via SuiteAnswers will be unavailable and inbound calls will be routed to Customer Service.

ScanAlert Vulnerability - Weak Supported SSL Ciphers Suites

edited Apr 9, 2009 12:51PM in Web Site / E-Commerce 1 comment

We also received this vulnerability:

<<Description
The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. This vulnerability is valid for all SSL/TLS sessions that are passing sensitive information.
PCI defines strong cryptography, for secret key based systems, as anything above 80 bit encryption.



General Solution
Important Note: Weak ciphers can run on other service ports as well. Typical ports include: 465, 993, 995, 2078, 2083, 2087, 2096, 8443, etc. Each application will have its own configuration options to handle weak ciphers.
Consult the documentation specific to each application on how to disable them. Some knowledge base articles are listed below. Successful configuration will cause this vulnerability to drop off automatically after the next scan. If the vulnerability does not go away, verify the service port in question and review the related documentation.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!

Leaderboard

Community Whiz

Quarter 1 (Jan-Mar 2026)

This Week's Leaders

This Month's Leaders

All Time Leaders