SSL/TLS Deprecated Ciphers Unsupported

critical Nessus Plugin ID 132675

Synopsis

The remote host uses deprecated SSL/TLS ciphers which are unsupported

Description

The remote host has open SSL/TLS ports which advertise deprecated cipher suites. The ciphers contained in these suites are no longer supported by most major ssl libraries such as OpenSSL, NSS, Mbed TLS, and wolfSSL and, as such, should not be used for secure communication.

Nessus 8.9 and later no longer supports these ciphers.

Solution

Upgrade to a cipher suite which does not contain deprecated ciphers.

Plugin Details

Severity: Critical

ID: 132675

File Name: ssl_deprecated_ciphers_89.nasl

Version: 1.5

Type: remote

Family: General

Published: 1/6/2020

Updated: 2/3/2021

Supported Sensors: Nessus

Vulnerability Information

Excluded KB Items: global_settings/disable_test_ssl_based_services

Reference Information

IAVA: 0001-A-0635