Accessibilité
Skip to content
Poly has joined the HP family! From August 7, 2023, Poly Support contact options will connect you to HP. This portal will be live until November, when we'll move to the HP Customer Support site.
Article ID: 000034727
Date de dernière modification: 12/10/2021
Access Level: Public
How to disable ports 80 and 443 on Polycom phones for PCI Compliance
Symptom:
Customer may report that Polycom phones fail PKI compliance scans like Nexpose by Rapid 7 (https://www.rapid7.com/products/nexpose/)
Spicificly the two vulnerabilities pointed out are:
1. CVE-2016-2183 The DES and Triple DES ciphers
https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS12-006 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389
2. CVE-2011-3389 man-in-the-middle "BEAST" attack
https://www.rapid7.com/db/vulnerabilities/ssl-cve-2016-2183-sweet32 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183
Add the settings below to configure the phone to pass the PKI scan:
apps.push.secureTunnelEnabled="0
httpd.cfg.enabled="0
httpd.cfg.port="80
httpd.cfg.secureTunnelEnabled="0
httpd.cfg.secureTunnelPort="443
httpd.cfg.secureTunnelRequired="1
httpd.ta.enabled="0
httpd.ta.port="80
httpd.ta.secureTunnelEnabled="0
httpd.ta.secureTunnelPort="443
httpd.ta.secureTunnelRequired="1