Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-15983 | DTBF030 | SV-16925r6_rule | Medium |
Description |
---|
Use of versions prior to TLS 1.1 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs. |
STIG | Date |
---|---|
Mozilla FireFox Security Technical Implementation Guide | 2019-03-20 |
Check Text ( C-16610r6_chk ) |
---|
Open a browser window, type "about:config" in the address bar. Verify Preference Name "security.enable_tls" is set to the value "true" and locked. Verify Preference Name "security.tls.version.min" is set to the value "2" and locked. Verify Preference Name "security.tls.version.max" is set to the value "3" and locked. Criteria: If the parameters are set incorrectly, then this is a finding. If the settings are not locked, then this is a finding. |
Fix Text (F-15984r6_fix) |
---|
Configure the following parameters using the Mozilla.cfg file: LockPref "security.enable_tls" is set to "true". LockPref "security.tls.version.min" is set to "2". LockPref "security.tls.version.max" is set to "3". |