False negatives on IoE "use-of-weak-cryptography-algorithms-into-active-directory-pki"
| Issue | False negative on IoE |
| Nature | Bug |
| Component impacted | Cygni |
| Version impacted | 2.6.4 - 2.6.5 |
| Solution offered | Hotfix |
| Ressources | Download Link |
Issue description:
Known Issue 2.6.4 & 2.6.5 Only
Using the IoE "Use of weak cryptography algorithms into Active Directory PKI" you notice that some certificates that should be detected are not (false negatives)
- interface path: Web Interface > Indicator of Exposure > Weak PKI Crypto > Deviant Element
- Actual Behavior:you don't see the dangerous certificate
The deployment of an hotfix is mandatory to address the issue. The hotfix is attached to this article ressources.
2.6.4 & 2.6.5 Only
1. Stop the alsid_cygni service
2. Replace Cygni binaries with those provided (Download Link - Archive PW : Cygni)
3. Restart the alsid_cygni service
Resolution criterias :
After applying the hotfix, please control that : 1. Cygni is processing data
[2020-05-22 08:11:58.253 UTC INF ] Start consuming Deviances queue 
3. The deviant certificate is visible in the IOE
A fix will be made on the next major version
Add New Comment