Insecure encryption algorithm - Anonymous cipher suites
Description
The application allows connections with anonymous cipher suites.
Impact
Obtain sensitive information by performing a MitM attack.
Recommendation
Use algorithms considered cryptographically secure.
Threat
Unauthorized attacker from adjacent network performing a MitM attack.
Expected Remediation Time
⌚ 30 minutes.
Score
Default score using CVSS 3.1. It may change depending on the context of the src.
Base
- Attack vector: N
- Attack complexity: L
- Privileges required: N
- User interaction: N
- Scope: U
- Confidentiality: H
- Integrity: N
- Availability: N
Temporal
- Exploit code maturity: X
- Remediation level: X
- Report confidence: X
Result
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:X/RL:X/RC:X
- Score:
- Severity:
  - Base: High
  - Temporal: High
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: N
- Attack complexity: L
- Attack Requirements: N
- Privileges required: N
- User interaction: N
- Confidentiality (VC): H
- Integrity (VI): N
- Availability (VA): N
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
Result 4.0
- Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X
- Score:
- Severity:
Details
A cipher suite is a set of algorithms
that help secure a network connection.
Suites typically use
Transport Layer Security (TLS)
or its now-deprecated predecessor
Secure Sockets Layer (SSL).
The set of algorithms
that cipher suites usually contain includes:
a key exchange algorithm,
a bulk encryption algorithm,
and a message authentication code
(MAC) algorithm.
The key exchange algorithm
is used to exchange a key
between two devices.
This key is used to encrypt
and decrypt the messages
being sent between two machines.
The bulk encryption algorithm
is used to encrypt the data being sent.
The MAC algorithm
provides data integrity checks
to ensure that the data sent
does not change in transit.
In addition,
cipher suites can include signatures
and an authentication algorithm
to help authenticate
the server or client.
A cipher suite is as secure
as the algorithms that it contains.
If the version of an encryption
or authentication algorithm
in a cipher suite
has known vulnerabilities,
the cipher suite and the TLS connection
are then vulnerable.
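The following check is an added example, not part of the original page. It flags anonymous suites by name, in both IANA notation (`_anon_`) and OpenSSL notation (`ADH-` / `AECDH-`), and audits the suites enabled in a Python `ssl.SSLContext`. The helper names and the `SCAN_RESULT` sample are constructed for illustration.

```python
import re
import ssl

# IANA/Java names mark unauthenticated key exchange with "_anon_";
# OpenSSL names use the ADH- / AECDH- prefixes (optionally after EXP-).
_IANA_ANON = re.compile(r"^(TLS|SSL)_(EC)?DH_anon_")
_OPENSSL_ANON = re.compile(r"^(EXP-)?(ADH|AECDH)-")


def is_anonymous(suite: str) -> bool:
    """True if the suite name denotes an anonymous (unauthenticated) key exchange."""
    name = suite.strip()
    return bool(_IANA_ANON.match(name) or _OPENSSL_ANON.match(name))


def anonymous_suites(names):
    """Return the anonymous suites found in an iterable of names, order preserved."""
    return [n.strip() for n in names if is_anonymous(n)]


def audit_context(ctx: ssl.SSLContext):
    """List anonymous suites enabled in an SSLContext (empty list means none)."""
    return anonymous_suites(c["name"] for c in ctx.get_ciphers())


def hardened_context() -> ssl.SSLContext:
    """Client context whose cipher string explicitly excludes aNULL and eNULL."""
    ctx = ssl.create_default_context()
    ctx.set_ciphers("HIGH:!aNULL:!eNULL")
    return ctx


# Constructed sample: suite names as a TLS scanner might report them.
SCAN_RESULT = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ADH-AES256-GCM-SHA384",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "DHE-RSA-AES256-SHA",
    "AECDH-AES256-SHA",
    "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for name in anonymous_suites(SCAN_RESULT):
        print("anonymous suite offered:", name)
    print("anonymous suites in hardened context:", audit_context(hardened_context()))
```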
Weak algorithms
- RSA with key < 2048 bytes,
can be brute-forced in feasible time
- OpenSSL Elliptic Curves, secp112r1,
secp112r2, secp128r1, secp128r2,
secp160k1, secp160r1, secp160r2,
secp192k1, prime192v1, prime192v2,
prime192v3, sect113r1, sect113r2, sect131r1,
sect131r2, sect163k1, sect163r1,
sect163r2, sect193r1, sect193r2, c2pnb163v1,
c2pnb163v2, c2pnb163v3,
c2pnb176v1, c2tnb191v1, c2tnb191v2,
c2tnb191v3, c2pnb208w1,
wap-wsg-idm-ecid-wtls1, wap-wsg-idm-ecid-wtls3,
wap-wsg-idm-ecid-wtls4, wap-wsg-idm-ecid-wtls5,
wap-wsg-idm-ecid-wtls6, wap-wsg-idm-ecid-wtls7,
wap-wsg-idm-ecid-wtls8, wap-wsg-idm-ecid-wtls9,
wap-wsg-idm-ecid-wtls10, wap-wsg-idm-ecid-wtls11,
oakley-ec2n-3, oakley-ec2n-4, brainpoolp160r1,
brainpoolp160t1, brainpoolp192r1, brainpoolp192t1,
can be brute-forced in feasible time.
Requirements
Fixes