Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
SSL/TLS: Report Vulnerable Cipher Suites for HTTPS
Information
Severity
Severity
Medium
Family
Family
SSL and TLS
CVSSv2 Base
CVSSv2 Base
5.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Solution Type
Solution Type
Mitigation
Created
Created
7 years ago
Modified
Modified
7 years ago
Summary
This routine reports all SSL/TLS cipher suites accepted by a service where attack vectors exists only on HTTPS services.
Insight
Insight
These rules are applied for the evaluation of the vulnerable cipher suites: - 64-bit block cipher 3DES vulnerable to the SWEET32 attack (CVE-2016-2183).
Affected Software
Affected Software
Services accepting vulnerable SSL/TLS cipher suites via HTTPS.
Solution
Solution
The configuration of this services should be changed so that it does not accept the listed cipher suites anymore. Please see the references for more resources supporting you with this task.