TLS Version 1.0 Protocol Detection

medium Nessus Plugin ID 104743


The remote service encrypts traffic using an older version of TLS.


The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a number of cryptographic design flaws. Modern implementations of TLS 1.0 mitigate these problems, but newer versions of TLS like 1.2 and 1.3 are designed against these flaws and should be used whenever possible.

As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.

PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30, 2018, except for POS POI terminals (and the SSL/TLS termination points to which they connect) that can be verified as not being susceptible to any known exploits.


Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.

See Also

Plugin Details

Severity: Medium

ID: 104743

File Name: tls10_detection.nasl

Version: 1.10

Type: remote

Published: 11/22/2017

Updated: 4/19/2023

Asset Inventory: true

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score from a more in depth analysis done by tenable


Risk Factor: Medium

Base Score: 6.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N

CVSS Score Source: manual


Risk Factor: Medium

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Vulnerability Information

Required KB Items: SSL/Supported

Reference Information

CWE: 327