Hi -
We are running K2 5.5, with two nodes. A security scan of the nodes pinged port 5630 as vulnerable to the TLS ROBOT vulnerability. CVEs include: CVE-2017-6168, CVE-2017-17382, CVE-2017-17427, CVE-2017-17428, CVE-2017-12373, CVE-2017-13098, CVE-2017-1000385, CVE-2017-13099, CVE-2016-6883, CVE-2012-5081.
Looking that port/PID up returns the PDF Converter service.
What steps are available to remediate this vulnerability? We are up to date with our patches.
I did find this article in the KB: https://community.nintex.com/t5/Best-Practices/PDF-Converter-Server-Side-Request-Forgery-Prevention/ta-p/207532
Could I simply whitelist 127.0.0.1 and be good? Is there any reason that service needs that port open to any other hosts other than itself?
Thank you,
Tim
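Two defensive checks for the scoping approach the post proposes, as an added example that is not from the original thread or from Nintex/K2. It assumes Windows Server 2016 or later with Windows Defender Firewall, an elevated PowerShell session, and that the PDF Converter listener uses the OS Schannel stack for its cipher suites; whether the second K2 node needs to reach the port is left as a value to confirm.

```powershell
# Added example, not K2/Nintex code. Assumes Windows Server 2016+ with
# Windows Defender Firewall and an elevated PowerShell session.
$Port = 5630                     # port the scan flagged (PDF Converter service)
# Sources that may still reach the port. 127.0.0.1 is what the post proposes;
# add the other K2 node's address only once you have confirmed it calls this service.
$AllowedRemote = @('127.0.0.1')

# 1. Find every enabled inbound allow rule that opens the port (e.g. one the installer added).
$rules = Get-NetFirewallPortFilter |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.LocalPort -eq "$Port" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' -and $_.Action -eq 'Allow' }
$rules | Select-Object DisplayName, Profile, Enabled | Format-Table -AutoSize

# 2. Narrow those rules to the allowed sources instead of adding a block rule:
#    block rules win over allow rules in Windows Firewall, so a blanket block
#    on the port would also defeat the scoped allow.
foreach ($r in $rules) {
    $r | Set-NetFirewallRule -RemoteAddress $AllowedRemote
}
if (-not $rules) {
    # No rule opens the port yet, so create one scoped to the allowed sources.
    New-NetFirewallRule -DisplayName "PDF Converter TCP $Port (scoped)" `
        -Direction Inbound -Protocol TCP -LocalPort $Port `
        -RemoteAddress $AllowedRemote -Action Allow -Profile Any | Out-Null
}

# 3. Scoping only holds if the default inbound action is Block on every active profile.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction | Format-Table -AutoSize

# 4. ROBOT is an oracle against RSA key exchange, so the attack path stays open while
#    the listener offers TLS_RSA_* suites. If the service uses Schannel (assumption),
#    the suites can be removed system-wide. This affects every Schannel consumer on
#    the host, so verify on one node before rolling it to the second.
Get-TlsCipherSuite | Where-Object { $_.Name -like 'TLS_RSA_WITH_*' } | Select-Object Name
# To remove them once verified:
# Get-TlsCipherSuite | Where-Object { $_.Name -like 'TLS_RSA_WITH_*' } |
#     ForEach-Object { Disable-TlsCipherSuite -Name $_.Name }
```

Scoping the port to loopback limits exposure but does not change the TLS behaviour the scanner tests, so step 4 (or a vendor fix to the listener) is what actually clears the finding.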
Best answer by ChristoffB