TLS v1.0 vulnerability detected in NFA
search cancel

TLS v1.0 vulnerability detected in NFA


Article ID: 226648


Updated On:


CA Network Flow Analysis (NetQos / NFA) DX NetOps


Recently got the result from VAPT which is "TLS v1.0 detection" in  NFA Console server.

Already disabled the TLSv1.0 in the regedit but still on the second VAPT scan the same result was detected.

Is there an additional changes that need to be done within the NFA application to remedy this vulnerability? 




Release : 10.0.x / 21.2.x

Component :NFA console


Can follow below KB and can apply option 4 i.e "Post-Upgrade / Automatic re-apply certificates"


NFA: ApplyHTTPS Tool


It will redo the https config with the ssl restrictions. 


The AppyHttps script will import a xml file in RIB  jetty-ssl-context file that blocks everything below TLS 1.2 by default.