Vulnerability & Exploit Database

Back to search

TLS/SSL Server Supports SSLv3

Severity CVSS Published Added Modified
4 (AV:N/AC:M/Au:N/C:P/I:N/A:N) October 13, 2014 October 13, 2014 October 29, 2017

Available Exploits 

Description

The SSLv3 protocol and supported ciphers all suffer from serious vulnerabilities making this protocol unsafe to use.

The Payment Card Industry (PCI) Data Security Standard requires a minimum of TLS v1.1 and recommends TLS v1.2. In addition, FIPS 140-2 standard also requires a minimum of TLS v1.1 and recommends TLS v1.2.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

ssl-disable-insecure-protocols

Related Vulnerabilities