Hi,
We have scanned one of our host using openvas latest , but its not detected the tls 1.0 & tls 1.1 vulnerability .Can you please let us know why this is not deletected.
Thanks & Regards
Dileep. O
Hi,
We have scanned one of our host using openvas latest , but its not detected the tls 1.0 & tls 1.1 vulnerability .Can you please let us know why this is not deletected.
Thanks & Regards
Dileep. O
If the use of TLS 1.0 and/or 1.1 doesn’t comply with your requirements you can configure the following VT accordingly:
Name: SSL/TLS: Policy Check
Family: Policy
OID: 1.3.6.1.4.1.25623.1.0.105778
Once both protocols are “official” deprecated:
https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
there will be a new VT reporting both as deprecated and with a severity by default (without the requirement to use the previously mentioned VT).
For the records:
TLSv1.0 and TLSv1.1 are now “officially” deprecated by the IETF since a few days:
https://datatracker.ietf.org/doc/rfc8996/
A new VT reporting them as such (with a related severity) will arrive in the Feeds (GCF and GSF) in the next few days.