Weak SSL Ciphers Supported

medium Nessus Network Monitor Plugin ID 1104

Synopsis

The remote SSL Server is configured to use weak encryption.

Description

The SSL server allows clients to connect using weak (export grade) ciphers. As these ciphers are more easily cracked or hijacked, there is the potential of a remote session being taken over or observed. There is a risk of potential loss of confidential data.

Solution

Disable weak ciphers on the TLS/SSL server.

Plugin Details

Severity: Medium

ID: 1104

Family: Web Servers

Published: 8/20/2004

Updated: 1/15/2016

Nessus ID: 10863