How we can ensure that the communication between the client and server is secured through HTTPS? we are not using WDM nor FTP however when upgrading the client to firmware 8.6 MR8, we got the below warning message
We need to make sure that our environment is not impacted by the vulnerabilities (CVE-2020-29491 and CVE-2020-29492) addressed by CyberMDX.
I get the same message from WMS public cloud with http/ftp disabled. If you look in the event log them message comes up immediately on boot. Later in the event log you can see where http/ftp are disabled protocols.
My assumption is it’s triggering off of that, or not disabling that message when http/ftp is disabled.
I got the same message when I upgraded from 8.6_412 to 8.6_511. I contacted one of our Dell reps and he said to put the advanced line in “Signon=yes EnableMessage=no”. This did remove the message from the thin clients. He also said this would be a non issue after we can upgrade to 9.x. I was told apparently someone in a security role deemed this message necessary if a client “could” use non-secure communication.