Inadequate Encryption Strength
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-326: Inadequate Encryption Strength |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The Azure Storage account is configured to allow TLS versions lower than 1.2, which means older, less secure encryption protocols are permitted for data transfers. This weakens the security of data in transit between clients and storage services.
Impact#
Allowing deprecated TLS versions exposes data transmissions to known vulnerabilities and attacks such as eavesdropping or man-in-the-middle attacks. Attackers could potentially intercept or manipulate sensitive data, leading to data breaches and non-compliance with security standards.