Description

The remote service encrypts traffic using SSL 3.0, an insecure and deprecated protocol with widely known weaknesses.

Remediation

Disable SSL 3.0 and use TLS 1.2 (or higher) instead.

References

How to disable SSLv3

Related Vulnerabilities

Nuxt.js Running in Development Mode

Incorrect Content Security Policy (CSP) Implementation

Unrestricted access to Kong Gateway API

.htaccess File Detected

Invalid Content Security Policy (CSP) Directive Identified in meta Elements

Severity

High

Classification

CWE-326 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Weak Crypto