Unsafe TLS Renegotiation Enabled

Description

The Java application enables unsafe SSL/TLS renegotiation, which may allow man-in-the-middle (MITM) attacks. This is a security risk because it allows an attacker to intercept and modify the communication between the client and server.

Examples

Insecure Code

java

java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", true);

Secure Code

java

// Omit the property or set it to false
// java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", false);

Remediation

Avoid setting the 'sun.security.ssl.allowUnsafeRenegotiation' property to true. Set it to false or omit it entirely.

Rule Details

Field	Value
ID	CODE-0261
Category	Crypto
Severity	MEDIUM
CWE	CWE-319
Confidence	MEDIUM
Impact	MEDIUM
Likelihood	LOW
Exploitability	MODERATE
Tags	tls, ssl, renegotiation
OWASP	A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures

References

https://www.oracle.com/java/technologies/javase/tlsreadme.html

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Unsafe TLS Renegotiation Enabled

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Unsafe TLS Renegotiation Enabled ​

Description ​

Examples ​

Insecure Code ​

Secure Code ​

Remediation ​

Rule Details ​

References ​

Unsafe TLS Renegotiation Enabled

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

References