
Insecure encryption algorithm - SSLContext

Description

An SSLContext object implements the specified secure socket protocol. However, not all protocols are equal and some legacy protocols, such as SSL, have proven to be insecure.

Impact

Decrypt traffic at the back-end level.

Recommendation

Only secure protocol versions, such as TLSv1.2 or higher, should be allowed.

Threat

Unauthenticated internal attacker.

Expected Remediation Time

⌚ 15 minutes.

Score

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base

  • Attack vector: A
  • Attack complexity: L
  • Privileges required: N
  • User interaction: R
  • Scope: U
  • Confidentiality: L
  • Integrity: N
  • Availability: N

Temporal

  • Exploit code maturity: P
  • Remediation level: O
  • Report confidence: X

Result

  • Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:X
  • Score:
    • Base: 3.5
    • Temporal: 3.2
  • Severity:
    • Base: Low
    • Temporal: Low

Code Examples

Compliant code

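Safe protocols are used when performing a connection

import ssl

# Function name is illustrative; the original shows only the body
def tls_connect(host, port, intention):
    # tcp_connect is this snippet's own helper; it returns a connected TCP socket
    sock = tcp_connect(host, port, intention)
    # Negotiate as a client and refuse anything below TLSv1.3
    ssl_ctx = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS_CLIENT)
    ssl_ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    ssl_ctx.load_default_certs()  # trust anchors for certificate verification
    ssl_sock = ssl_ctx.wrap_socket(sock, server_hostname=host, do_handshake_on_connect=False)
    try:
        ssl_sock.do_handshake()
    except ConnectionResetError as error:
        socket_has_errors = True
        return None
    return ssl_sock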

Non compliant code

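There is an insecure protocol set when performing a connection

import ssl

# Function name is illustrative; the original shows only the body
def ssl_connect(host, port, intention):
    sock = tcp_connect(host, port, intention)
    # Insecure: a legacy SSL protocol is selected (SSLv3 shown here; the
    # constant is missing from OpenSSL builds compiled without SSLv3)
    ssl_ctx = ssl.SSLContext(protocol=ssl.PROTOCOL_SSLv3)
    ssl_sock = ssl_ctx.wrap_socket(sock, do_handshake_on_connect=False)
    try:
        ssl_sock.do_handshake()
    except ConnectionResetError as error:
        socket_has_errors = True
        return None
    return ssl_sock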
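
A static check for this finding, as an added example that is not part of the original page: it parses Python source and reports SSLContext calls that select a legacy protocol constant. It goes slightly beyond the page by also reporting a context whose minimum_version is set below TLSv1.2. The function names and the sample source are constructed for illustration.

```python
import ast

# Constant names from Python's ssl module that select SSL or TLS below 1.2.
INSECURE_PROTOCOLS = {"PROTOCOL_SSLv2", "PROTOCOL_SSLv3", "PROTOCOL_TLSv1", "PROTOCOL_TLSv1_1"}
INSECURE_VERSIONS = {"SSLv3", "TLSv1", "TLSv1_1"}  # members of ssl.TLSVersion


def _name(node):
    """Last identifier of a Name/Attribute node: ssl.PROTOCOL_SSLv3 -> PROTOCOL_SSLv3."""
    if isinstance(node, ast.Attribute):
        return node.attr
    if isinstance(node, ast.Name):
        return node.id
    return None


def find_insecure_contexts(source):
    """Return sorted (line, reason) findings for weak SSLContext settings."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and _name(node.func) == "SSLContext":
            # The protocol may be passed positionally or as protocol=...
            args = list(node.args[:1]) + [k.value for k in node.keywords if k.arg == "protocol"]
            for arg in args:
                if _name(arg) in INSECURE_PROTOCOLS:
                    findings.append((node.lineno, f"SSLContext uses {_name(arg)}"))
        elif isinstance(node, ast.Assign):
            for target in node.targets:
                if (isinstance(target, ast.Attribute) and target.attr == "minimum_version"
                        and _name(node.value) in INSECURE_VERSIONS):
                    findings.append((node.lineno, f"minimum_version lowered to {_name(node.value)}"))
    return sorted(findings)


# Constructed sample input, not taken from the page.
SAMPLE = '''\
import ssl
bad = ssl.SSLContext(protocol=ssl.PROTOCOL_SSLv3)
old = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
good = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
good.minimum_version = ssl.TLSVersion.TLSv1_2
weak = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
weak.minimum_version = ssl.TLSVersion.TLSv1_1
'''

if __name__ == "__main__":
    for line, reason in find_insecure_contexts(SAMPLE):
        print(f"line {line}: {reason}")
```

The check matches constant names only, so a protocol passed through a variable or chosen at run time is not seen and still needs manual review.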

Requirements