• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
The Poly Phones Knowledge Base is live! We look forward to helping you with common issues and troubleshooting advice!
Locked

‎12-03-2021 12:04 AM

HP Recommended

hi,

I have an issue with DES cipher vulnerability. I tried to update the config following this kb cipher suites kb . but could not resolve the issue. my IP Phone doesn't have an option to select the minimum TLS version and this vulnerability affected my 8pcs Polycom SoundStation Duo. also I tried to update the firmware to 4.1.1.0934 it has no effect.

 

the question: how to fix this Vulnerabilities?

 

this is my cipher suites configuration:

ALL:!DH:!LOW:!EXP:!MD5:!DES:@STRENGTH

image

 

 

 

 

Phone Information
Phone ModelSoundStation Duo
Part Number3111-19000-001 Rev:F
MAC Address00:04:F2:F4:13:B0
UC Software Version4.0.7.4180
BootROM Software Version5.0.7.1284

 

test result after updated the config:

 

 

Starting Nmap 6.40 ( http://nmap.org ) at 2021-12-03 14:48 +08
Nmap scan report for X.X.X.X
Host is up (0.0036s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
| ssl-enum-ciphers:
|   SSLv3:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_DES_CBC_SHA - weak
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     compressors:
|       NULL
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_DES_CBC_SHA - weak
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|     compressors:
|       NULL
|_  least strength: weak
5060/tcp open  sip

 

 

 

 

 

 

 

thanks in advance

regards,

bc

1 ACCEPTED SOLUTION

Accepted Solutions

‎12-03-2021 03:34 AM

HP Recommended

Hello @imbc00 ,

 

Welcome to the Poly Community.

 

If you are not using Microsoft Lync or Skype for Business on-premise UC Software 4.1.1 is not a supported software for your device.

 

The device, if used in openSIP has the latest Software 4.0.15

 

Please upgrade to this build and follow the quoted Knova article on how to add the configuration and if this still fails please provide us with a backup of the configuration.

 

The above is all outlined in the FAQ

 

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

 

------------------------------------------------
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.

Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN

View solution in original post

Was this reply helpful? Yes No
2 REPLIES 2

‎12-03-2021 03:34 AM

HP Recommended

Hello @imbc00 ,

 

Welcome to the Poly Community.

 

If you are not using Microsoft Lync or Skype for Business on-premise UC Software 4.1.1 is not a supported software for your device.

 

The device, if used in openSIP has the latest Software 4.0.15

 

Please upgrade to this build and follow the quoted Knova article on how to add the configuration and if this still fails please provide us with a backup of the configuration.

 

The above is all outlined in the FAQ

 

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

 

------------------------------------------------
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.

Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN
Was this reply helpful? Yes No

‎12-06-2021 10:40 PM

HP Recommended

hi,

 

thanks for your advice, after updating the firmware to 4.0.15 and updating the config as per the KB ,now it's resolved the issue.

 

image

thank you

 

regards,

BC

Was this reply helpful? Yes No
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.