API Gateway domain name uses outdated SSL/TLS protocols.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | api-gateway |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
Using outdated SSL/TLS protocols for API Gateway domain names exposes the data transmitted through the API to potential eavesdropping and tampering. Up-to-date encryption standards should always be used to ensure secure communication.
Impact#
Outdated protocols are vulnerable to various attacks, such as man-in-the-middle, decryption, or data tampering, compromising both security and user trust.
Resolution#
Use the most modern TLS/SSL policies available