ELBv2 outdated Security Policy

Network misconfigurations

ELBv2 outdated Security Policy

Platform(s)

Compliance Frameworks

CCM-CSA
CCPA
cis_8
CPRA
essential_8_au
essential_8_au_level_1
essential_8_au_level_2
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

The listeners {AwsEc2Elbv2.Listeners} of the ELBv2 {AwsEc2Elbv2} are using an outdated security policy to negotiate SSL connections between the ELBv2 and its clients. Outdated security policies may have known SSL/TLS flaws that an adversary can use to intercept HTTPS connections between the ELBv2 and its clients.

ELBv2 outdated Security Policy

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS