TLS/SSL Server Supports Weak Cipher Algorithms
|6||(AV:N/AC:M/Au:N/C:P/I:P/A:N)||December 31, 1995||February 11, 2009||September 30, 2014|
The TLS/SSL server supports cipher suites based on weak algorithms. This may enable an attacker to launch man-in-the-middle attacks and monitor or tamper with sensitive data. In general, the following ciphers are considered weak:
- So called "null" ciphers, because they do not encrypt data.
- Export ciphers using secret key lengths restricted to 40 bits. This is usually indicated by the word EXP/EXPORT in the name of the cipher suite.
- Obsolete encryption algorithms with secret key lengths considered short by today's standards, eg. DES or RC4 with 56-bit keys.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!