The API gateway will accept older TLS cipher suits Affecting API Gateway (REST APIs) service in AWS


Severity

0.0
medium
0
10
    Severity Framework
    Snyk CCSS
    Rule category
    Keys and Secrets / Access

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
    Frameworks
    CIS-Controls CSA-CCM
  • Snyk ID SNYK-CC-00312
  • credit Snyk Research Team

Description

Older cipher suites could be vulnerable to hijacking and information disclosure.

How to fix?

Set Properties.SecurityPolicy attribute to TLS_1_2.

CloudFormation

    Terraform