Elasticsearch domain endpoint is using outdated TLS policy.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | elastic-search |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
Using outdated TLS policies for Elasticsearch domain endpoints can expose traffic to weak cryptographic algorithms, making it easier for attackers to decrypt or tamper with data.
Impact#
Outdated TLS policies increase the risk of man-in-the-middle attacks, data interception, and compromise of sensitive information.
Resolution#
Use the most modern TLS/SSL policies available