TLS Chrome compatibility

By
Febna V M
Published on
02 Jul 2018
Vulnerability

The TLS protocol is used to provide privacy and data integrity between two or more communicating computer applications. When secured by TLS, connections between a client and a server have one or more of the following properties:-

  1. The connection is private
  2. Identity of parties can be authenticated
  3. The connection is reliable

Transportation layer came from Secure Socket Layer. A careful configuration of TLS will provide additional privacy-related properties like forward secrecy, prevent discloser of encryption keys etc.

Some of the TLS certificates do not support old Chrome versions.

Impact

The impact include:-

  • Renegotiation attack
  • Downgrade attacks like Logjam and FREAK
  • Cross platform attacks like DROWN
  • BEAST attack
  • Breach attacks
  • POODLE attacks

Mitigation / Precaution

This vulnerability can be fixed by:-

  • Changing the TLS cipher for the users using older versions of Chrome
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Febna V M
Febna V M
Cyber Security Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.