AWS Application Load Balancer configured with insecure SSL protocol policy
Description
AlphaSOC detected that an Amazon Application Load Balancer (ALB) was configured with an insecure Secure Sockets Layer (SSL) protocol policy. This finding indicates that the ALB listener uses an SSL policy that allows TLS 1.1 or older protocols, exposing the system to known cryptographic vulnerabilities.
Impact
Outdated TLS protocols enable adversaries to intercept and decrypt traffic between users and the load balancer. This can lead to unauthorized access to sensitive data, man-in-the-middle attacks, and compromise of backend services.
Severity
| Severity | Condition |
|---|---|
| Low | AWS ALB created or modified with an insecure SSL protocol policy |
Investigation and Remediation
Review the ALB configuration in the AWS Console to identify listeners using deprecated SSL policies. Update the SSL policy to use TLS 1.2 or later and remove support for weak cipher suites. Test application compatibility with the new configuration and monitor for failed connection attempts.
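
The review step above can also be scripted. This added example (not AlphaSOC's or AWS's code) takes the JSON returned by `aws elbv2 describe-listeners` and `aws elbv2 describe-ssl-policies` and reports every HTTPS listener whose policy still allows anything older than TLS 1.2. The sample data, the placeholder ARNs and the function name `audit` are constructed for illustration.

```python
import json
import sys

# Protocol names as they appear in SslProtocols; anything else counts as legacy.
ALLOWED = {"TLSv1.2", "TLSv1.3"}

# Constructed sample data; the ARNs are placeholders, not real resources.
SAMPLE_POLICIES = {"SslPolicies": [
    {"Name": "ELBSecurityPolicy-2016-08",
     "SslProtocols": ["TLSv1", "TLSv1.1", "TLSv1.2"]},
    {"Name": "ELBSecurityPolicy-TLS13-1-2-2021-06",
     "SslProtocols": ["TLSv1.2", "TLSv1.3"]},
]}
SAMPLE_LISTENERS = {"Listeners": [
    {"ListenerArn": "arn:placeholder:listener/a", "Protocol": "HTTPS",
     "Port": 443, "SslPolicy": "ELBSecurityPolicy-2016-08"},
    {"ListenerArn": "arn:placeholder:listener/b", "Protocol": "HTTPS",
     "Port": 8443, "SslPolicy": "ELBSecurityPolicy-TLS13-1-2-2021-06"},
    {"ListenerArn": "arn:placeholder:listener/c", "Protocol": "HTTP", "Port": 80},
    {"ListenerArn": "arn:placeholder:listener/d", "Protocol": "HTTPS",
     "Port": 9443, "SslPolicy": "policy-missing-from-export"},
]}


def audit(listeners, policies):
    """Return (arn, port, policy, weak_protocols) for each listener to fix."""
    protocols = {p["Name"]: set(p["SslProtocols"]) for p in policies["SslPolicies"]}
    findings = []
    for lst in listeners["Listeners"]:
        if lst.get("Protocol") != "HTTPS":
            continue  # plain HTTP listeners have no SSL policy to check
        name = lst.get("SslPolicy")
        if name not in protocols:
            # Cannot prove the policy is safe, so surface it for manual review.
            findings.append((lst["ListenerArn"], lst["Port"], name, ["unknown"]))
            continue
        weak = sorted(protocols[name] - ALLOWED)
        if weak:
            findings.append((lst["ListenerArn"], lst["Port"], name, weak))
    return findings


if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py listeners.json policies.json
        with open(sys.argv[1]) as f1, open(sys.argv[2]) as f2:
            listeners, policies = json.load(f1), json.load(f2)
    else:
        listeners, policies = SAMPLE_LISTENERS, SAMPLE_POLICIES
    for arn, port, policy, weak in audit(listeners, policies):
        print(f"{arn} port {port}: {policy} allows {', '.join(weak)}")
```

A flagged listener can then be moved to a newer policy with `aws elbv2 modify-listener --listener-arn <arn> --ssl-policy <policy-name>`.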