Data protection

IP supports deprecated SSL encryption (SSLv3)

Risk Level

Informational (4)

Platform(s)

  • N/A

Compliance Frameworks

Description

A server under this IP supports SSLv3, which was deprecated by the Internet Engineering Task Force (IETF) as of June 2015 (RFC7568). By supporting SSLv3, the web endpoint is using an outdated and potentially insecure encryption protocol. This could potentially allow attackers to intercept and decrypt traffic sent to the endpoint, leading to a range of security issues.

  • Recommended Mitigation

    It is recommended to replace SSL with a current TLS version (1.2 and up)

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.