Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
HTTPS connection with weak key length - Vulnerability Database

HTTPS connection with weak key length

Description

The key length for HTTPS connections is lower than the recommended 128 bits.

Remediation

The key length should be at least 128 bits.

References

Testing for Weak SSL/TSL Ciphers, Insufficient Transport Layer Protection

Related Vulnerabilities

HTTPS connection uses outdated TLS version Medium
Common tags: Weak Crypto
CRIME SSL/TLS attack Medium
Common tags: Weak Crypto
TLS/SSL Sweet32 attack Medium
Common tags: Weak Crypto
TLS/SSL (EC)DHE Key Reuse Information
Common tags: Weak Crypto
SSL/TLS Not Implemented Medium
Common tags: Weak Crypto

Severity

Medium

Classification

CWE-310
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Weak Crypto