Firefox must be configured to allow only TLS.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15983 | DTBF030 | SV-16925r8_rule | Medium |
| Description |
|---|
| Use of versions prior to TLS 1.1 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs. |
| STIG | Date |
|---|---|
| Mozilla FireFox Security Technical Implementation Guide | 2020-06-19 |
Details
| Check Text ( C-16610r8_chk ) |
|---|
| Open a browser window, type "about:config" in the address bar. Verify Preference Name "security.tls.version.min" is set to the value "2" and locked. Verify Preference Name "security.tls.version.max" is set to the value "4" and locked. Criteria: If the parameters are set incorrectly, this is a finding. If the settings are not locked, this is a finding. |
| Fix Text (F-15984r8_fix) |
|---|
| Configure the following parameters using the Mozilla.cfg file: LockPref "security.tls.version.min" is set to "2". LockPref "security.tls.version.max" is set to "4". |