Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS/SSL Weak Message Authentication Code Cipher Suites #104

Open
zisanyavuz opened this issue Nov 6, 2024 · 0 comments
Open

TLS/SSL Weak Message Authentication Code Cipher Suites #104

zisanyavuz opened this issue Nov 6, 2024 · 0 comments
Assignees
@zisanyavuz
Labels
bug Something isn't working KONDUKTO

Comments

@zisanyavuz
Copy link

A high severity infra vulnerability has been discovered.

Infra Group: test2,test79 - test

Scanner Name: rapid7infra

Target: 172.67.159.157 : 443

Service: HTTPS

Exploitable: false

Protocol: tcp


Proof: Negotiated with the following insecure cipher suites: TLS 1.0 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS 1.1 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS 1.2 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

Tool Description: Transport Layer Security version 1.2 and earlier include support for cipher suites which use cryptographically weak Hash-based message authentication codes (HMACs), such as MD5 or SHA1..
CVSS2 score: 4.000000
Service Name:
Port:
Protocol:
Proof:
Service Name: HTTPS
Port: 443
Protocol: tcp
Proof: Negotiated with the following insecure cipher suites: TLS 1.0 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS 1.1 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS 1.2 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

Kondukto Link: https://9a4f-104-155-30-65.ngrok-free.app/projects/6703db4e0fadccdc7e5dfc4c/vulns/infra?page=1&perPage=15&id=in:672b220838ffea64c1f7a55f
Deeplink: https://10.20.104.26:3780//vulnerability/vuln-summary.jsp?vulnid=ssl-weak-message-authentication-code-algorithms
@zisanyavuz zisanyavuz added bug Something isn't working KONDUKTO labels Nov 6, 2024
@zisanyavuz zisanyavuz self-assigned this Nov 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zisanyavuz zisanyavuz

Labels
bug Something isn't working KONDUKTO
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zisanyavuz