Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.108022
Category:SSL and TLS
Title:SSL/TLS: Report 'Null' Cipher Suites
Summary:This routine reports all 'Null' SSL/TLS cipher suites accepted by a service.
Description:Summary:
This routine reports all 'Null' SSL/TLS cipher suites accepted by a service.

Vulnerability Insight:
Services supporting 'Null' cipher suites could allow a client to negotiate a
SSL/TLS connection to the host without any encryption of the transferred data.

Vulnerability Impact:
This could allow remote attackers to obtain sensitive information
or have other, unspecified impacts.

Solution:
The configuration of this services should be changed so
that it does not accept the listed 'Null' cipher suites anymore.

Please see the references for more resources supporting you in this task.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.