CSAL#59
|
Security Notification # CSAL59 |
|
Advisory Title: TLS Server Supports Outdated TLS 1.0 |
||||
|
Document ID: |
TAS/PRD/GEN/SN-CSAL#59 |
Document Name: |
Security Notification # CSAL59 |
Doc. Rev.: |
0 |
|
|
|
|
|
|
|
|
|
|
Publication Date |
15-Jan-24 |
Incident Source |
CSAL59 |
CVE / Vulnerability Reference |
OWASP(A6) |
|
|
Last Update |
06-Feb-24 |
Reported By |
Valency Networks Testing Agency |
Advisory ID# |
Posting Not Started Yet |
|
|
Current Version |
WP500 FW 0.6.6 |
CVSS Score |
7.5 |
|
|
|
|
|
|
|
|
|
|
|
|
Vulnerability Description |
TLS Server Supports TLS version 1.0 (tlsv1_0-enabled) |
|||||
|
Impact |
Supporting TLS version 1.0 on a server poses a security risk due to its outdated encryption and vulnerability to various attacks, such as POODLE and BEAST. To mitigate this risk, disable TLS 1.0 and upgrade to a more secure version, preferably TLS 1.2 or higher. |
|||||
|
Affected products |
WP500 Firmware 0.65 Version |
|
|
|
|
|
|
Temporary Fix / Mitigation |
Please update to firmware version 0.6.6. |
|
||||
|
Acknowledgment |
Valency Networks , Pune |
|
|
|
|
|
|
History |
NA |
|
|
|
|
|
|
Classification of Vulnerability |
|
|
|
|
||