Skip to content

Weak SSL/TLS

What does this mean ?

A weak SSL/TLS vulnerability is a flaw or weakness in the protocol that can be exploited by an attacker to compromise the security of the connection and potentially intercept or manipulate the data being transmitted.

What can happen ?

  • An attacker could potentially intercept and read sensitive data that is being transmitted over the connection.
  • An attacker could potentially use a weak SSL/TLS vulnerability to steal the identity of the client or server.
  • If an SSL/TLS vulnerability is exploited, it can undermine the trust of users in the security of the communication being transmitted over the internet.

Recommendation

  • Use strong encryption.
  • Use secure negotiation protocols.
  • Use valid and up-to-date certificates.
  • Regularly update the SSL/TLS protocol.
  • Use a web application firewall.
  • Implement network segmentation.

Sample Code

Vulnerable : 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls; // vulnerable

Non Vulnerable : 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls13; // Non vulnerable

Vulnerable : 

connect = SSLContext.getInstance("TLSv1.1"); // vulnerable

Non Vulnerable : 

connect = SSLContext.getInstance("TLSv1.2"); // Non vulnerable

Vulnerable : 

$context = stream_context_create([
    'ssl' => [
        'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT // Vulnerable
    ],
]);

Non Vulnerable : 

$context = stream_context_create([
    'ssl' => [
        'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT // Non Vulnerable
    ],
]);

Vulnerable : 

const options = {
    secureProtocol: 'TLSv1_method' // Vulnerable
};

Non Vulnerable : 

const options = {
    secureProtocol: 'TLSv1_2_method' // Non vulnerable
};

Vulnerable : 

client := &http.Client{
    Transport: &http.Transport{
        TLSClientConfig: &tls.Config {
            MinVersion: tls.VersionTLS11, // Non vulnerable
        },
    },
}

Non Vulnerable : 

client := &http.Client{
    Transport: &http.Transport{
        TLSClientConfig: &tls.Config{
            MinVersion: tls.VersionTLS12, // Non vulnerable
        },
    },
}

Vulnerable : 

Net::HTTP.start(uri.host, uri.port,
    use_ssl: true,
    min_version: :TLS1_1, # Vulnerable
)

Non Vulnerable : 

Net::HTTP.start(uri.host, uri.port,
    use_ssl: true,
    min_version: :TLS1_2, # Non Vulnerable
)

References