Obsolete-Protocol-Version-SSL3-POP3S/EN
Check for outdated SSL3 protocol
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
Result positive | Obsolete protocol version SSL3 is not supported. |
Result negativ | Obsolete protocol version SSL3 is supported. |
Description | The server supports the outdated SSL3 protocol version, which is considered highly insecure. By using this version you massively endanger the security of the connections to this server. |
Background | SSL (Secure Sockets Layer) stands for a hybrid encryption protocol for secure data transmission on the Internet and serves as the basis for secure calling via TLS. The SSL3 version dates from 1995 and has not been officially supported since 2015. The term SSL has since been replaced by the term TLS (Transport Layer Security). The SSL3 gap became particularly known through POODLE. By using SSL3, the confidentiality of the connections can no longer be guaranteed. |
Consequence | By offering SSL3 on the server side, you allow attacks on connections with older clients. This allows an attacker to potentially decrypt parts of the connection and steal data. |
Solution/Tips | If Outdated protocol version SSL3 is supported is reported: TLS encryption is now the default. You should therefore refrain from using SSL3. |