Anonymous Key Exchanges Supported (PCI DSS)
Medium Nessus Plugin ID 106457
SynopsisA service on the remote host supports an unauthenticated key exchange
DescriptionAt least one of the SSL or TLS services on the remote host supports an anonymous DH or anonymous ECDH cipher. When an anonymous cipher is used, the client does not authenticate the server and an attacker may intercept and modify encrypted traffic.
SolutionConsult the software's manual and reconfigure the service to disable support for anonymous key exchanges.