SSL/TLS Server Accepts TLSv1.1 Connections
Description
Detects whether a web server accepts TLS 1.1 connections. TLS 1.1 is a deprecated and insecure protocol version: it contains known cryptographic weaknesses and has been officially deprecated since March 2021, so systems that still support it are vulnerable to downgrade attacks and other security issues.
Detection Strategy
• Attempts to establish a TLS 1.1 connection to the target server
• Reports a vulnerability if the server successfully negotiates and accepts a TLS 1.1 connection
• Checks the server's response regardless of which cipher suite is used for the connection
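The probe described in the bullets above, as an added Python example (not Fluid Attacks' scanner code) for checking your own servers. The function names `tls11_only_context` and `probe_tls11` and the verdict strings are assumptions made for this example.

```python
import socket
import ssl
import warnings


def tls11_only_context():
    """Client context pinned to TLS 1.1; raises ValueError if local OpenSSL lacks it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # The probe only asks which protocol version is negotiated, so certificate
    # validation is switched off: an invalid certificate must not hide the finding.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", DeprecationWarning)  # TLSv1_1 is deprecated in ssl
        ctx.minimum_version = ssl.TLSVersion.TLSv1_1
        ctx.maximum_version = ssl.TLSVersion.TLSv1_1
    # Offer every cipher suite (the finding does not depend on the suite);
    # OpenSSL 3 only permits TLS 1.1 at security level 0.
    ctx.set_ciphers("ALL:@SECLEVEL=0")
    return ctx


def probe_tls11(host, port=443, timeout=5.0):
    """Return 'accepted', 'rejected', 'unreachable' or 'client-unsupported'."""
    try:
        ctx = tls11_only_context()
    except (ValueError, ssl.SSLError):
        return "client-unsupported"  # local OpenSSL cannot speak TLS 1.1 at all
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"  # TCP connect failed, nothing learned about TLS
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            # Handshake completed: report only if TLS 1.1 was really negotiated.
            return "accepted" if tls.version() == "TLSv1.1" else "rejected"
    except ssl.SSLError as exc:
        if getattr(exc, "reason", None) == "NO_PROTOCOLS_AVAILABLE":
            return "client-unsupported"  # local policy blocked TLS 1.1, not the server
        return "rejected"  # e.g. a protocol_version alert from the server
    except OSError:
        return "rejected"  # reset or timeout during the handshake
    finally:
        raw.close()
```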