What You Should Know About the BEAST Protocol Exploit

How do I know what protocol version I’m using for my Cleo software?

Check your settings in the advanced tab of a Host Level (for outbound transfers) or in theLocal Listener (for inbound transfers), depending on whether the software is the server or the client.

What is Cleo’s recommendation if customers are not on TLS v1.1?

We recommend that Cleo customer admins go in and change their minimum protocol to be TLS v1.1, which can be done in the advanced tab of a Host Level (for outbound transfers) or in the Local Listener (for inbound transfers).

Note: If you change this setting for inbound transfers, all trading partners connecting to you also will need to support TLS v1.1.

What if there are browser interoperability issues?

If there are any issues, the customer will need to move to a Cleo-supported browser, which can be found under the system requirements for any product on Cleo’s support page.

I’m already using TLS v1.1 in my Cleo solution? Do you recommend any further action?

If the server is set to a minimum of TLS v1.1, Cleo does not recommend any additional action.

Additional information

  • Read more about BEAST attacks here.

  • Learn more about TLS browser support here.

  • Determine which SSL or TLS connection your browser uses here.

  • For more information on your Cleo product, contact Cleo Support.

Post Published Date