šŸš€ Join our AI Wargame at Black Hat Asia and our Workshop + Wargame at NDC Sydney .

Weak TLS

If the in-transit data is sent in plaintext or via a deprecated encryption protocol, an adversary listening on the wire can intercept and modify it. This can lead to theft of sensitive information, identity theft, and other malicious activities.

Remediation

  • Always use strong encryption protocols like TLS 1.2 or higher to secure data transmission.
  • Disable support for deprecated encryption protocols, such as SSL and early versions of TLS.
  • Validate SSL/TLS certificates to prevent man-in-the-middle (MITM) attacks by untrusted or fake certificates.
  • Implement certificate pinning to ensure communication occurs only with trusted servers.
  • Encrypt sensitive data at the application level before transmission for an added layer of protection.

Metadata

  • Severity: medium
  • Slug: weak-tls

OWASP

  • M5:2024: Insecure Communication

Available Labs

Select a language to explore available labs for this vulnerability.

No matching labs found

Try adjusting your language filter.

Try it yourself

Find, Hack and Fix Your First Vulnerability

Reading about security bugs is one thing — fixing one is how the skill sticks. Play a free challenge from the wargame, no setup required.