Old TLS backward compatibility

By
Sooraj V Nair
Published on
02 Jul 2018
Vulnerability

The TLS protocol is used to provide privacy and data integrity between two or more communicating computer applications. When secured by TLS, connections between a client and a server have one or more of the following properties:-

  1. The connection is private
  2. The identity of parties can be authenticated
  3. The connection is reliable

Transportation layer came from Secure Socket Layer. A careful configuration of TLS will provide additional privacy-related properties like forwarding secrecy, prevent discloser of encryption keys etc. Some of the clients might use older operating systems or old web browsers. The old cipher suite is used for all clients back to Windows XP/IE6. It method should be used only as a last resort only for the specific clients.

Impact

The impact include:-

  • Renegotiation attack
  • Downgrade attacks like Logjam and FREAK
  • Cross-platform attacks like DROWN
  • BEAST attack
  • Breach attacks
  • POODLE attacks

Mitigation / Precaution

This vulnerability can be fixed by:-

  • Changing to the old cipher suit if the client is using Windows XP/IE6.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Sooraj V Nair
Sooraj V Nair
Cyber Security Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.