Yealink Forums
T46G SSL 2 & 3 Vulnerability - Printable Version

+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: T4x Series (/forumdisplay.php?fid=31)
+--- Thread: T46G SSL 2 & 3 Vulnerability (/showthread.php?tid=46120)



T46G SSL 2 & 3 Vulnerability - russavd - 09-24-2022 05:07 AM

Does anyone know how to disable SSL 2 & 3 on these phones?

We are failing a Nessus scan on several dozen of these phones, while our other phones (mostly T46S) are passing.

I can't find any instructions specific to these phones, and the only advice seemingly related is to make the following entries to a T48S:

sip.tls_cipher_list = AES:!ADH:!LOW:!EXPORT:!NULL
security.tls_cipher_list = AES:!ADH:!LOW:!EXPORT:!NULL
static.security.default_ssl_method = 5

When I try this, the T46G phones don't seem to take the security.tls_cipher_list entry (when I export the config file, that line isn't present).

We are running the latest T46G firmware from 3CX.

Thanks!