Check for Early CCS Vulnerability
If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.
|Result positive||Not vulnerable to Early CCS vulnerability.|
|Result negativ||Vulnerable to Early CCS vulnerability.|
|Description||The server is vulnerable to the Early-CCS vulnerability. This vulnerability allows an attacker to decrypt communication and read user input such as passwords under special circumstances.|
|Background||The Early CCS vulnerability is an implementation vulnerability in a 2014 TLS software library. If you are affected by this vulnerability, you should urgently update your software. The vulnerability is relatively minor, but a clear indicator that you have not updated your software for at least 5 years and are therefore affected by more serious attacks.|
|Consequence||The server is vulnerable to a vulnerability that allows an attacker to decrypt the communication in special situations. The software used is obsolete.|
|Solution/Tips||If vulnerability has been reported, immediately install an update to your TLS implementation on your server.|