Hi Experts,
We are using 3.4.2 MP2 and got below vulnerability scanned report, would you recommend how we can fix it? Or is this false positive?
| Vulnerability |
Description |
Proof |
Remediation |
protocol |
port |
service |
Last Scanned |
| TLS/SSL Server Supports The Use of Static Key Ciphers |
The server is configured to support ciphers known as static key ciphers. These ciphers don't support "Forward Secrecy". In the new specification for HTTP/2, these ciphers have been blacklisted. |
* Negotiated with the following insecure cipher suites: * TLS 1.2 ciphers: * TLS_RSA_WITH_AES_128_CBC_SHA256 * TLS_RSA_WITH_AES_128_GCM_SHA256 * TLS_RSA_WITH_AES_256_CBC_SHA256 * TLS_RSA_WITH_AES_256_GCM_SHA384 |
Disable TLS/SSL support for static key cipher suites |
TCP |
443 |
HTTPS |
2022-03-12 14:40:21.553 |
Regards,
Syera