This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The remote service supports the use of anonymous SSL ciphers.
The remote host supports the use of anonymous SSL ciphers. While this
enables an administrator to set up a service that encrypts traffic
without having to generate and configure SSL certificates, it offers
no way to verify the remote host's identity and renders the service
vulnerable to a man-in-the-middle attack.
Note: This is considerably easier to exploit if the attacker is on the
same physical network.
See also :
Reconfigure the affected application if possible to avoid use of weak
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.3
Public Exploit Available : true