[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92872-1

Platform: cpe:/o:microsoft:windows_server_2016Date: (C)2019-05-17   (M)2023-07-04



This policy setting determines whether TLS 1.0 protocol is disabled. TLS 1.0 has several flaws. An attacker can cause connection failures and they can trigger the use of TLS 1.0 to exploit vulnerabilities like BEAST (Browser Exploit Against SSL/TLS). Countermeasure: Configure this setting to disable TLS 1.0. Potential Impact: Disabling TLS 1.0 will block server access from a number of browsers and operating systems. Fix: (1) REG: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.0Server!Enabled HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsTLS 1.0Client!Enabled


Parameter:

[disabled/enabled]


Technical Mechanism:

(1) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server!Enabled HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client!Enabled

CCSS Severity:CCSS Metrics:
CCSS Score : 9.1Attack Vector: NETWORK
Exploit Score: 3.9Attack Complexity: LOW
Impact Score: 5.2Privileges Required: NONE
Severity: CRITICALUser Interaction: NONE
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: NONE
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:54848


OVAL    1
oval:org.secpod.oval:def:54848
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2016

© SecPod Technologies