TF 0241 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Elasticsearch domain endpoint is using outdated TLS policy.
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | elastic-search |
| Provider | AWS |
| Vulnerability Type | omission |
Description
Using outdated TLS policies for Elasticsearch domain endpoints can expose traffic to weak cryptographic algorithms, making it easier for attackers to decrypt or tamper with data.
Impact
Outdated TLS policies increase the risk of man-in-the-middle attacks, data interception, and compromise of sensitive information.
Resolution
Use the most modern TLS/SSL policies available