False negatives on IoE "use-of-weak-cryptography-algorithms-into-active-directory-pki"
Issue | False negative on IoE |
Nature | Bug |
Component impacted | Cygni |
Version impacted | 2.6.4 - 2.6.5 |
Solution offered | Hotfix |
Ressources | Download Link |
Issue description:
Known Issue 2.6.4 & 2.6.5 Only
Using the IoE "Use of weak cryptography algorithms into Active Directory PKI" you notice that some certificates that should be detected are not (false negatives)

- interface path: Web Interface > Indicator of Exposure > Weak PKI Crypto > Deviant Element
- Actual Behavior:you don't see the dangerous certificate
The deployment of an hotfix is mandatory to address the issue. The hotfix is attached to this article ressources.
2.6.4 & 2.6.5 Only
1. Stop the alsid_cygni service

2. Replace Cygni binaries with those provided (Download Link - Archive PW : Cygni)

3. Restart the alsid_cygni service

Resolution criterias :
After applying the hotfix, please control that : 1. Cygni is processing data
[2020-05-22 08:11:58.253 UTC INF ] Start consuming Deviances queue

3. The deviant certificate is visible in the IOE
A fix will be made on the next major version
Add New Comment