Cryptography / SSL Anonymous Cipher Suites Supported



SSL Anonymous Cipher Suites Supported vulnerability (CWE-310) is when secure sockets layer (SSL) uses cipher suites that do not authenticate the parties involved in a secure communication. According to the OWASP Testing Guide, this vulnerability allows attackers to perform man-in-the-middle attacks, allowing them to gain access to sensitive information or modify content. This vulnerability is categorized under cryptography and can occur in infrastructure.


This vulnerability can be used to perform man-in-the-middle attacks and gain access to sensitive data or modify content. By using the vulnerability, attackers can read, modify or delete data without being detected. This vulnerability can cause serious damage to an organization, such as financial loss, reputation damage and data breaches.


The best way to fix this vulnerability is to disable SSL Anonymous Cipher Suites Supported in the server configuration. This can be done by disabling the SSLv2 and SSLv3 protocols and enabling only TLS protocols. Additionally, organizations should regularly audit their system configurations to ensure that the latest security protocols are being used.


The following code shows an example of how to disable SSLv2 and SSLv3 protocols and enable TLS protocols.

# Disable SSLv2
SSLProtocol all -SSLv2

# Disable SSLv3
SSLProtocol all -SSLv3

# Enable TLS protocols
SSLProtocol TLSv1 TLSv1.1 TLSv1.2

Curious? Convinced? Interested?

Arrange a no-obligation consultation with one of our product experts today.