Anonymous Key Exchanges Supported (PCI DSS)

Medium Nessus Plugin ID 106457

Synopsis

A service on the remote host supports an unauthenticated key exchange

Description

At least one of the SSL or TLS services on the remote host supports an anonymous DH or anonymous ECDH cipher. When an anonymous cipher is used, the client does not authenticate the server and an attacker may intercept and modify encrypted traffic.

Solution

Consult the software's manual and reconfigure the service to disable support for anonymous key exchanges.

Plugin Details

Severity: Medium

ID: 106457

File Name: pci_anon_key_exchanges.nasl

Version: Revision: 1.1

Type: remote

Family: General

Published: 2018/01/29

Modified: 2018/01/29

Dependencies: 31705

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Settings/PCI_DSS