TLS 1.0 enabled
Impact: Medium
Description
TLS version 1.0 is known to have several security vulnerabilities and weaknesses, making it susceptible to attacks.
Recommendation
To improve security, disable TLS 1.0 and migrate to more secure protocols such as TLS 1.2 or TLS 1.3.
References
- CWE-16
- CWE-326
- NIST Special Publication 800-52 Revision 1: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
- OWASP 2021-A5
- OWASP: Transport Layer Protection Cheat Sheet
👉 You might also like:
TLS 1.1 enabled - Vulnerability
SSL 2 enabled - Vulnerability
SSL 3 enabled - Vulnerability
No Redirection from HTTP to HTTPS - Vulnerability
Last updated on May 13, 2024