Our scanner only elaborates on Med & High risk items.
As this is a low-risk item, the scanner did not elaborate what it is but I found one
Med risk item which lists out the ciphers : refer to attached screen
The scan reported: "The device (it's an appliance) is configured to support ciphers known as static key ciphers. These ciphers don't support "Forward Secrecy". In the new specification for HTTP/2, these ciphers have been blacklisted."
Based on the SANS link below, I'm assuming it's the 1st 3 ciphers in the attached screen as these 1st 3
ciphers have no mention of DHE :
Let me know if I got it wrong & how should I go about addressing this reported vulnerability.
I can elaborate on what is that device if needed but I don't think I'm allowed to run an "ssl_connect"
client command against it as it's a Prod device