- Community Home
- >
- Software
- >
- HPE OneView
- >
- OneView 8 vulnerability tls-dh-primes
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-08-2023 05:27 AM
03-08-2023 05:27 AM
OneView 8 vulnerability tls-dh-primes
I've OneView with FIPS and strong ciphers enabled installed, enabling TLS1.2 only.
but notice still detected vulnerability ID "tls-dh-primes", below is a summary for " tls-dh-primes"
"Generate random Diffie-Hellman parameters Configure the server to use a randomly generated Diffie-Hellman group. It's recommend that you generate a 2048-bit group.
The simplest way of generating a new group is to use OpenSSL: openssl dhparam -out dhparams.pem 2048... For other products see the remediation steps suggested by the original researchers. (https://weakdh.org/sysadmin.html)"
Please advise how to enable the Strong DH Group in OneView 8 as CLI now is not supported.
Thank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2023 09:38 AM
03-10-2023 09:38 AM
Re: OneView 8 vulnerability tls-dh-primes
Can you supply more information on this?
- What HPE OneView release are you using?
- How are you validating this?
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-12-2023 08:54 PM
03-12-2023 08:54 PM
Re: OneView 8 vulnerability tls-dh-primes
- What HPE OneView release are you using?
- >> OneView 8, 8.00.00-0470555, API: 4600
- How are you validating this?
- >> Our Internal security tools
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-12-2023 09:30 PM
03-12-2023 09:30 PM
Re: OneView 8 vulnerability tls-dh-primes
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2023 08:07 PM
03-13-2023 08:07 PM
Re: OneView 8 vulnerability tls-dh-primes
Please private message me the tool and report/test that is flagging this
>> Sent
>> To add, basically, nexpose detect OneView using the commonly used Diffie-Hellman primes.
>> tlsv1_2.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384.dh.keysize
>> I see the above TLS is still listed on Legacy cryptography mode and FIPS cryptography mode
Document - HPE OneView 8.0 User Guide for VMs | HPE Support