I'm not sure on the ciphers, but the current firmware is 2.8.0.17. It might be worth checking the release notes to see if they removed the insecure ones.
------------------------------
Aaron Moore
------------------------------
Original Message:
Sent: 05-11-2023 12:22 AM
From: AS77
Subject: https/443 failed VA (Vulnerability Assessment) process - insecure cipher suites
Aruba instant-on1960 12XGT 4SFP+ Switch JL805A with firmware/software version 2.3.3.0 has failed as Vulnerability Assessment. Switch management is running https/443 and disable http service. Here is the evidence from VA report:
Negotiated with the following insecure
cipher suites: TLS 1.2 ciphers:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
How to disable this insecure cipher suite? Please advise.
------------------------------
Aris Suparmanto
------------------------------