Data protection

IP supports deprecated SSL encryption (SSLv3)

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

A server under this IP supports SSLv3, which was deprecated by the Internet Engineering Task Force (IETF) as of June 2015 (RFC7568). By supporting SSLv3, the web endpoint is using an outdated and potentially insecure encryption protocol. This could potentially allow attackers to intercept and decrypt traffic sent to the endpoint, leading to a range of security issues.
  • Recommended Mitigation

    It is recommended to replace SSL with a current TLS version (1.2 and up)