In our efforts to offer the most secure and compliant software to our customers, we are continuously evaluating improvements to our systems that help bolster security and remove vulnerabilities.
In September 2023 we implemented a mitigation for a low-risk vulnerability. We removed obsoleted Cipher Block Chaining (CBC) ciphers to prevent any potential occurrences of SSL LUCKY13, which is a cryptographic timing attack that can be used against implementations of the TLS and Datagram Transport Layer Security (DTLS) protocols using the CBC mode of operation.
Users of the Monsido user interface are not affected by this upgrade.
If you have integrated with the Monsido API through an older code base framework, you may experience issues communicating with Monsido.
The following framework and client versions can be affected:
Java version 7 and older
Internet Explorer 8
Internet Explorer 11 running on a Windows 7 or 8 client