Firefox must be configured to allow only TLS 1.2 or above.
Use of versions prior to TLS 1.2 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs.
If "SSLVersionMin" is not displayed under Policy Name or the Policy Value is not "tls1.2" or "tls1.3", this is a finding.
Fix Text (F-54935r820744_fix)
Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Minimum SSL version enabled Policy State: Enabled Policy Value: TLS 1.2 (or TLS 1.3)
macOS "plist" file: Add the following: SSLVersionMin tls1.2 (or tls1.3)
Linux "policies.json" file: Add the following in the policies section: "SSLVersionMin": "tls1.2" or ("SSLVersionMin": "tls1.3")