Insecure DTLS Version

Description

DTLS 1.0 is an outdated and less secure protocol compared to newer versions such as DTLS 1.2 or 1.3. It suffers from various security vulnerabilities and weaknesses.

Examples

Insecure Code

swift

let connection = NWConnection(host: NWEndpoint.Host("example.com"), port: NWEndpoint.Port("443"), using:.dtls)
let tlsVersion = "tls_protocol_version_t.DTLSv10"

Secure Code

swift

let connection = NWConnection(host: NWEndpoint.Host("example.com"), port: NWEndpoint.Port("443"), using:.dtls)
let tlsVersion = "tls_protocol_version_t.DTLSv12"

Remediation

Update the DTLS version to 1.2 or higher.

Rule Details

Field	Value
ID	CODE-0631
Category	Crypto
Severity	MEDIUM
CWE	CWE-757
Confidence	HIGH
Impact	MEDIUM
Likelihood	MEDIUM
Exploitability	MODERATE
Tags	security misconfiguration, algorithm downgrade
OWASP	A6:2017-Security Misconfiguration, A05:2021-Security Misconfiguration

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Insecure DTLS Version

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

SAST Rules

IaC Rules

License Rules

Insecure DTLS Version ​

Description ​

Examples ​

Insecure Code ​

Secure Code ​

Remediation ​

Rule Details ​

Insecure DTLS Version

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details