Qualsys reporting vulnerabilities against ZENworks Reporting Service appliance v6.2.3
This article is for ZRS appliances.
QualSysID Level Vulnerability
42366 High SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)
38601 High SSL/TLS use of weak RC4 cipher
38657 Medium Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)
38628 Medium SSL/TLS Server supports TLSv1.0
38173 High SSL Certificate - Signature Verification Failed Vulnerability
38169 High SSL Certificate - Self-Signed Certificate
38172 Medium SSL Certificate - Improper Usage Vulnerability
86763 Medium Web Server Uses Plain Text Basic Authentication
82054 Medium TCP Sequence Number Approximation Based Denial of Service
Qualys ID 82054 - This is an Operating System level issue and is fixed in Linux Kernel 3.5 and newer (i.e. SuSE Linux Enterprise 12 and newer) per information provided by SuSE.
ZRS 6.4.3 run on top of SLES 12 SP3, so these will be fixed in ZRS v6.4.3 (aka ZRS 2018)