We are running K2 5.5, with two nodes. A security scan of the nodes pinged port 5630 as vulnerable to the TLS ROBOT vulnerability. CVEs include: CVE-2017-6168, CVE-2017-17382, CVE-2017-17427, CVE-2017-17428, CVE-2017-12373, CVE-2017-13098, CVE-2017-1000385, CVE-2017-13099, CVE-2016-6883, CVE-2012-5081
Looking that port/PID up returns the PDF Converter service.
What steps are available to remediate this vulnerability? We are up to date with our patches.
I did find this article in the KB: https://community.nintex.com/t5/Best-Practices/PDF-Converter-Server-Side-Request-Forgery-Prevention/ta-p/207532
Could I simply whitelist 127.0.0.1 and be good? Is there any reason that service needs that port open to any hosts other than itself?
Best answer by ChristoffB
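The loopback-only approach the question raises, worked through as an added example that is not part of the question or of the marked answer (which is not reproduced here), and not Nintex or K2 code. It assumes a Windows Server K2 node with Windows Defender Firewall and the NetSecurity cmdlets; the port 5630 and the PDF Converter service name come from the question, while `$OtherNode` and the rule display name are placeholders. The sequence first checks who actually connects to the port, then scopes the inbound allow rule rather than adding a block rule (in Windows Firewall an explicit block rule wins over any allow rule, so a scoped allow rule plus the profile's default inbound Block is the safer pattern), and finally verifies from outside:

```powershell
# Added example, not from the question or the marked answer. Assumes a Windows
# Server K2 node with Windows Defender Firewall and the NetSecurity module.
# Port and service name come from the question; $OtherNode is a placeholder.
$Port = 5630
$OtherNode = "10.0.0.2"   # PLACEHOLDER: second K2 node, only if step 1 shows it uses the port

# 1. Which process owns the listener, and which remote addresses currently talk
#    to it. If only loopback ever shows up, no other host needs the port.
Get-NetTCPConnection -LocalPort $Port -State Listen |
    ForEach-Object { Get-Process -Id $_.OwningProcess | Select-Object Id, ProcessName, Path }

Get-NetTCPConnection -LocalPort $Port -State Established |
    Select-Object -ExpandProperty RemoteAddress | Sort-Object -Unique

# 2. Scope the existing inbound allow rule(s) for the port to loopback. Add
#    $OtherNode to the list only if step 1 proved the second node needs it.
$AllowedRemotes = @("127.0.0.1", "::1")

$rules = Get-NetFirewallPortFilter |
    Where-Object { $_.LocalPort -eq "$Port" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq "Inbound" -and $_.Action -eq "Allow" }

if ($rules) {
    $rules | Set-NetFirewallRule -RemoteAddress $AllowedRemotes
} else {
    # No rule existed, so the listener was reachable through some other path
    # (or the profile default is Allow); create an explicitly scoped one.
    New-NetFirewallRule -DisplayName "K2 PDF Converter $Port - loopback only" `
        -Direction Inbound -Protocol TCP -LocalPort $Port `
        -RemoteAddress $AllowedRemotes -Action Allow
}

# 3. Scoping an allow rule only helps if the profile default inbound action is
#    Block on every profile the node uses; confirm that here.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction

# 4. Verify from a host that is NOT in $AllowedRemotes:
#      Test-NetConnection -ComputerName <k2-node> -Port 5630
#    TcpTestSucceeded should now be False, and the scanner should no longer
#    be able to reach the endpoint it flagged.
```

This shrinks who can reach the TLS endpoint; it does not change the TLS implementation behind port 5630, so the ROBOT finding is resolved for the scanner only because the scanner can no longer connect. If the service's TLS stack can be configured, removing RSA key exchange cipher suites there is the complementary fix; whether the PDF Converter uses Windows Schannel (where `Disable-TlsCipherSuite` would apply) or its own TLS library is not stated on this page, so check that before relying on cipher-suite changes.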