Description
Cytrix has detected that the version of Apache being used, may be vulnerable.
That could cause Apache to use a weaker ciphersuite or, cipher suite restrictions to be ignored.
If optional renegotiation is being used in the process of verifying client certificates, you are potentially vulnerable to CVE-2003-0192.
That means that Apache will use a weak ciphersuite instead of a strong one.
Also, cipher suite policies you’ve defined will be ignored.
Severity/Score
CVSS Version 2.0 – 6.4 Medium
Recommendation
To deal with CVE-2003-0192, update the version of the Apache being used.
Make sure its version is 2.0.47 or higher.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0192