web

You’re offline. This is a read only version of the page.

Welcome to the future of Business Support! I'm Trend Companion, your AI assistant ready to streamline your experience.

Log in for your personalized support! Chat with Trend Companion for quick answers, or submit a case for detailed troubleshooting.

Log in to chat with Trend Companion now

Views:

CVE References on RC4 and “CRIME” attack:

This type of attack can be mitigated by preventing the use of SSL/TLS compression either at the client end (browser) or on the web server.

Our developers have tested and found that IWSVA does not support RC4 on ports 8443 and 9091, so there is no impact for IWSVA.

In any case, this attack would require an old browser version and all the principal browsers have been patched in 2016.

For more details, refer to the the following articles:

Internet Explorer 11 and Edge:
- RC4 cipher is no longer supported in Internet Explorer 11 or Microsoft Edge
- RC4 will no longer be supported in Microsoft Edge and IE11 [Updated]
Mozilla Firefox 44:
- Deprecating the RC4 Cipher
Google Chrome 48:
- Release date of Chrome that disable RC4 cipher
- Known Issues - Chrome for Business - Error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Keywords: RC4 cipher,iwsva and RC4 cipher,WSVA 6.5 SP2 vulnerable to SSL RC4 Cipher,WSVA 6.5 SP2 supports SSL RC4 Cipher ,IWSVA vulnerable to RC4 Cipher ,info about IWSVA and RC4 Cipher

InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2 (SP2) does not support SSL RC4 Cipher Suites

Product / Version includes:

Interscan Web Security Virtual Appliance 6.5

Last updated: 2025/05/08

Solution ID: KA-0007364

Category: SPEC

Summary

Some vulnerability scanners report that IWSVA 6.5 SP2 is vulnerable to SSL RC4 Cipher.

CVE References on RC4 and “CRIME” attack:

This type of attack can be mitigated by preventing the use of SSL/TLS compression either at the client end (browser) or on the web server.

Our developers have tested and found that IWSVA does not support RC4 on ports 8443 and 9091, so there is no impact for IWSVA.

In any case, this attack would require an old browser version and all the principal browsers have been patched in 2016.

For more details, refer to the the following articles:

Internet Explorer 11 and Edge:
- RC4 cipher is no longer supported in Internet Explorer 11 or Microsoft Edge
- RC4 will no longer be supported in Microsoft Edge and IE11 [Updated]
Mozilla Firefox 44:
- Deprecating the RC4 Cipher
Google Chrome 48:
- Release date of Chrome that disable RC4 cipher
- Known Issues - Chrome for Business - Error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Was this article helpful?