Detections
Analytics
TLS 1.1 Weak Protocol
medium Web App Scanning Plugin ID 112546
Language:
Synopsis
TLS 1.1 Weak ProtocolDescription
The remote server offers deprecated TLS 1.1 protocol.Solution
Reconfigure the affected application, if possible to avoid the use of deprecated TLS 1.1 protocol versions and enable TLS 1.2 or later.See Also
https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/
https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/
https://security.googleblog.com/2018/10/modernizing-transport-security.html
https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/
Plugin Details
Severity: Medium
ID: 112546
Type: remote
Family: SSL/TLS
Published: 2/13/2018
Updated: 6/28/2023
Scan Template: api, basic, config_audit, full, pci, quick, scan, ssl_tls
Risk Information
VPR
Risk Factor: Medium
Score: 4.2
CVSS v2
Risk Factor: Medium
Base Score: 6.1
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N
CVSS Score Source: Tenable
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
CVSS Score Source: Tenable
Reference Information
CWE: 327
OWASP: 2010-A9, 2013-A6, 2017-A3, 2021-A2
WASC: Insufficient Transport Layer Protection
CAPEC: 20, 459, 473, 475, 608, 614, 97
DISA STIG: APSC-DV-002440
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.10.1.2
NIST: sp800_53-SC-12
OWASP API: 2019-API7, 2023-API8
OWASP ASVS: 4.0.2-9.1.2