Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Firefox is not configured to allow use of TLS 1.0 and above.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-57607 | DTBF-0004 | SV-72017r1_rule | Medium |
| Description |
|---|
| DoD implementations of SSL must use TLS 1.0 in accordance with the Network Infrastructure STIG. Earlier versions of SSL have known security vulnerabilities and are not authorized for use in DOD. |
| STIG | Date |
|---|---|
| Mozilla Firefox | 2017-03-22 |
Details
| Check Text ( C-58439r3_chk ) |
|---|
| Procedure: In about:config, verify that the setting for the following Preference Name’s are set and locked. “security.enable_tls”, set to “true”; “security.tls.version.min”, set to “1.0”. Criteria: If the parameter is set incorrectly, then this is a finding. If the setting is not locked, then this is a finding. |
| Fix Text (F-62807r2_fix) |
|---|
| Set and lock the following preferences using the “Mozilla.cfg” file: “security.enable_tls”, set to “true”; “security.tls.version.min”, set to “1.0”. |