An outdated SSL policy is in use by a load balancer.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | network |
| Provider | Nifcloud |
| Vulnerability Type | misconfiguration |
Description#
The load balancer is configured to use an outdated or insecure SSL/TLS policy, which enables deprecated protocols or weak ciphers. This configuration fails to enforce the use of secure, modern TLS versions such as TLS 1.2 or higher.
Impact#
Attackers may exploit known vulnerabilities in outdated SSL/TLS protocols or ciphers to intercept, decrypt, or manipulate sensitive data in transit. This exposes users and systems to man-in-the-middle attacks, data breaches, and non-compliance with security standards.
Resolution#
Use a more recent TLS/SSL policy for the load balancer