Aws Insecure Ssl Cipher
Description
Identifies Application Load Balancers (ALBv2) that use weak or outdated SSL/TLS cipher suites in their SSL policies. Using insecure ciphers can expose encrypted traffic to cryptographic attacks, potentially compromising sensitive data in transit.
Detection Strategy
• Scans all Application Load Balancers in the specified AWS region
• For each load balancer, examines the SSL policies configured on its HTTPS listeners
• Reports a vulnerability if any listener uses cipher suites like ECDHE-RSA-AES128-SHA, AES128-SHA, or other outdated ciphers
• Each vulnerability includes the specific load balancer ARN and the insecure cipher being used
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.