Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-15983 | DTBF030 | SV-16925r4_rule | Medium |
Description |
---|
Use of versions prior to TLS 1.0 are not permitted because these versions are non-standard. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs. |
STIG | Date |
---|---|
Mozilla Firefox | 2017-01-06 |
Check Text ( C-16610r4_chk ) |
---|
Open a browser window, type "about:config" in the address bar. Verify Preference Name "security.tls.version.min" is set to the value "1" and locked. Verify Preference Name "security.tls.version.max" is set to the value "3" and locked. Criteria: If the parameters are set incorrectly, then this is a finding. If the settings are not locked, then this is a finding. |
Fix Text (F-15984r4_fix) |
---|
Configure the following parameters using the Mozilla.cfg file: LockPref "security.tls.version.min" is set to "1". LockPref "security.tls.version.max" is set to "3". |