News

12/11/2021

Reported Vulnerabilities – HTTPS Port 443

Through emPSN’s registrations with various security partners we receive information around the IP addresses on the emPSN network, including potential vulnerabilities. Third Party vulnerability data is taken from public reference sources, supplied on an as is basis. Data should be used to confirm and check the posture of the equipment running within your network.

HTTP – Hypertext Transfer Protocol.

Is used explicitly for HTTPS services and hence is the standard port for encrypted HTTP traffic. It is also called HTTPS port 443, allowing secured communications which run through TCP port 443.

What does HTTPS Protect? HTTPS secures your data communications between client and server with encryption and to ensure that your traffic cannot read or access the conversation.

Port 443 Vulnerabilities

The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology. The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3. However, like many other attacks listed here, this vulnerability is also based on a forced downgrade attack.

Recommended Actions:

We continue to see customers using outdated or mis configured web server technologies leaving them open to abuse from users on the Internet, we recommend customers maintain up to date, patched, hardened and checked resources which are used to service users on the Internet. You could be vulnerable to the following vulnerabilities without even knowing it:

  • Heartbleed (CVE-2014-0160)
  • CCS (CVE-2014-0224)
  • Secure Renegotiation (CVE-2009-3555)
  • CRIME, TLS (CVE-2012-4929)
  • BREACH (CVE-2013-3587)
  • POODLE, SSL (CVE-2014-3566)
  • FREAK (CVE-2015-0204)
  • DROWN (2016-0800, CVE-2016-0703)
  • LOGJAM (CVE-2015-4000)
  • BEAST (CVE-2011-3389)
  • RC4 (CVE-2013-2566, CVE-2015-2808)

The empsn Firewall where configured will allow external users to access your resources on the HTTPS TCP 443 port, it is the responsibility of the customer organisation to maintain the posture and security of the hosted server or device.

Questions:

If you have any questions or concerns about this advisory, please contact us via our support desk – support@empsn.org.uk

References:

Related Posts

17/01/2024
Ivanti vulnerabilities (CVE-2023-46805, CVE-2024-21887) in widespread exploitation – Action Recommended

Summary: January 10, 2024, Ivanti published an advisory regarding two vulnerabilities (CVE-2023-46805 and CVE-2024-21887) that impact all supported versions of the Connect Secure (formerly known as Pulse Connect Secure) and Policy Secure gateways. CVE-2023-46805 is… More »

News
18/12/2023
Critical Apache Struts 2 vulnerability (CVE-2023-50164) in active exploitation – Action Recommended

Summary: Apache disclosed a critical vulnerability (CVE-2023-50164) in the Apache Struts 2 open-source framework. Successful exploitation can allow an attacker to manipulate file upload parameters to enable path traversal and upload a malicious file. The… More »

News
13/12/2023
2023 Christmas Checklist

To prepare for your Christmas break, please take a minute to read the below checklist, to help make sure there are no unwanted interruptions over the festive period, or in fact any uninvited surprises waiting… More »

News

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners