When checking on SSL cipher suites, customer observes that weak SSL cipher are supported and that raises security concern.
SAP SuccessFactors HCM Suite
The “weak” ciphers are only in place to support other customers who may require it.
Our URLs as of May 2019 received a A+ ratings from SSL Labs – this is the industry standard. Further, there are no known vulnerabilities related to TLS 1.2.
It is entirely within the customer’s own control (configured on their own client web browsers, integration clients, client libraries, etc) to only use the strongest encryption supported, which mitigates any impact of the weak ciphers available.
SSL security , KBA , LOD-SF-PLT-SEC , Security & Permissions , Problem