1 minute read
Patches Patches MEDIUM RISK ISSUES
Weak Encryption Methods Supported By Server
Servers listed on this page allow client connections using weak encryption. Simply having secure web traffic (HTTPS) enabled is not enough. Weak encryption allows attackers to decrypt data and intercept content that is transmitted via HTTPS, potentially revealing sensitive information like passwords, credit card data, or multifactor authentication tokens.
Remediation: Remediation: Disable weak encryption methods in favor of secure, up-to-date protocols. Like any other standard, HTTPS and its component parts evolve to keep pace with the current threat landscape. Disable TLSv1.0 and TLSv1.1, forcing transport via TLSv1.2 or TLSv1.3
