A vulnerability scan was run against our Zimbra server and it showed that we were vulnerable to BEAST attack.
On other servers (Apache/OpenSSL) I am able to mitigate this by setting the cipher order. On Zimbra, I can set the cipher suite but I haven't found any documentation on how to set the order.
Can this be done? If not, how can BEAST be mitigated for Zimbra?