Redis cache does not have minimum TLS version set to 1.2 Affecting Redis service in Azure

Snyk CCSS

Data / Encryption Protocols

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CSA-CCM ISO-27001 NIST-800-53 PCI-DSS SOC-2

Snyk ID SNYK-CC-00573
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

An outdated TLS version might lead to data leakage or manipulation.

How to fix?

Set minimumTlsVersion to 1.2.

ARM

redis

Terraform

azurerm_redis_cache

References

Remove TLS 1.0 and 1.1 from use with Azure Cache for Redis