Encryption algorithm Rivest Cipher 4[370][371][372][373] is a stream cipher[182][183] that is more malleable[134] than a block cipher[78][79][80][81]. It has multiple vulnerabilities[375][376][377][378][379] (eg: related-key attack[68], distinguishing attack[60], ...), so attacker can apply statistical analysis against it to recover the encrypted text.
Remove the cipher suite from the list of cipher suites supported by your server.
Get a prompt and clear overview of your security configuration. Right now!
You can fix your security setting with the following config snippets in various services. You simply copy-paste (or delete) them to get a better secirity and grade. Do not forget to re-check your modified settings above.
If you want to reveal your security weaknesses and monitor your services or supply chain sign up for our beta test.
OLD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA TLS_DHE_DSS_WITH_RC4_128_SHA TLS_DHE_PSK_WITH_RC4_128_SHA TLS_DH_anon_WITH_RC4_128_MD5 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA TLS_ECDHE_PSK_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDH_ECDSA_WITH_RC4_128_SHA TLS_ECDH_RSA_WITH_RC4_128_SHA TLS_ECDH_anon_WITH_RC4_128_SHA TLS_KRB5_WITH_RC4_128_MD5 TLS_KRB5_WITH_RC4_128_SHA TLS_PSK_WITH_RC4_128_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA TLS_RSA_PSK_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA
