Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
SSL/TLS: Report 'Null' Cipher Suites
Information
Severity
Severity
Medium
Family
Family
SSL and TLS
CVSSv2 Base
CVSSv2 Base
5.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Solution Type
Solution Type
Mitigation
Created
Created
7 years ago
Modified
Modified
6 years ago
Summary
This routine reports all 'Null' SSL/TLS cipher suites accepted by a service.
Insight
Insight
Services supporting 'Null' cipher suites could allow a client to negotiate a SSL/TLS connection to the host without any encryption of the transferred data.
Solution
Solution
The configuration of this services should be changed so that it does not accept the listed 'Null' cipher suites anymore. Please see the references for more resources supporting you in this task.