Use of a Broken or Risky Cryptographic Algorithm
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Low |
| Likelihood Level | Medium |
Description#
The code configures TLS to allow SSLv3, which is an outdated and insecure protocol with known vulnerabilities. Modern best practices require using a secure TLS version like TLS 1.3 instead.
Impact#
If SSLv3 is enabled, attackers could exploit its weaknesses to decrypt sensitive data or perform man-in-the-middle attacks, potentially exposing user information or compromising secure communications.