UCF STIG Viewer Logo

Firefox must be configured to allow only TLS 1.2 or above.


Finding ID Version Rule ID IA Controls Severity
V-251546 FFOX-00-000002 SV-251546r820745_rule High
Use of versions prior to TLS 1.2 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs.
Mozilla Firefox Security Technical Implementation Guide 2022-09-09


Check Text ( C-54981r820743_chk )
Type "about:policies" in the browser window.

If "SSLVersionMin" is not displayed under Policy Name or the Policy Value is not "tls1.2" or "tls1.3", this is a finding.
Fix Text (F-54935r820744_fix)
Windows group policy:
1. Open the group policy editor tool with "gpedit.msc".
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.2 (or TLS 1.3)

macOS "plist" file:
Add the following:
tls1.2 (or tls1.3)

Linux "policies.json" file:
Add the following in the policies section:
"SSLVersionMin": "tls1.2" or ("SSLVersionMin": "tls1.3")