Airwatch Tunnel Proxy Service Vulnerabilities

Hantz · ‎08-03-2023

Trying to resolve a vulnerability on our Airwatch MAG server regarding the Airwatch Tunnel Proxy Service that is listening on port 2020.

Our vulnerability scanner is picking up the following finding:

SSL Certificate Signed Using Weak Hashing Algorithm

SEVERITY

High

PLUGIN ID

35291

Exploits are available

PORT

2020

The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.

Subject : CN=AirWatch Device Services Root

Signature Algorithm : SHA-1 With RSA Encryption

This seems to be resolvable via the java.security conf file. But the proper sy

Gizzie · ‎08-04-2023

I think some of your text is missing 🙂

But you can resolve this by logging in to the AirWatch console > Administration > AW Tunnel Proxy > Certificates tab

Click on edit for the certificate that is being used by the service, in the cert dialog box, select sha256 with rsa encryption for the signature algorithm and then click save

You will need to restart the AirWatch Tunnel Proxy Service afterwards. And for clustered AirWatch environment, you will need to update it on all of the nodes in the cluster.

All

Airwatch Tunnel Proxy Service Vulnerabilities