TLS version is outdated

Severity	Exploitability	Providers	Categories
HIGH	MEDIUM	Azure	NETWORK

Description

The Transport Layer Security (TLS) is a protocol whose role is to secure the data transferred from and to the app.

Older, deprecated versions of TLS must not be used, as they rely on outdated cryptographic methods. This makes some exploits possible, such as BEAST (Browser Exploit Against SSL/TLS) or POODLE (Padding Oracle On Downgraded Legacy Encryption).

Impact

Potential data exposure	Visible in logs	User interaction required	Privileges required
True	False	False	False

Attackers may intercept data by exploiting known vulnerabilities of these TLS versions.

Remediation guidelines

Deprecated TLS versions are disabled by default. Do not enable them unless it is absolutely necessary.

References

Fixing TLS version with Terraform
Formal TLS 1.0 and 1.1 deprecation by the Internet Engineering Task Force (IETF)

TLS version is outdated

Description

Impact

Remediation guidelines

References

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

TLS version is outdated

Description​

Impact​

Remediation guidelines​

References​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

Impact

Remediation guidelines

References