Nessus Says "(SSL Version 2 and 3 Protocol Detection)" in Exchange 2016 (CU17) High Vulnerability

Sathishkumar Singh 486 Reputation points
2021-03-03T09:41:42.04+00:00

Hello Support,

My Exchange Sever 2016 (CU17)
When i run Nessus tool says that "SSL Version 2 and 3 Protocol Detection

https://www.tenable.com/plugins/nessus/20007

How to fix this issue without any impact

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,298 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. KyleXu-MSFT 26,221 Reputation points
    2021-03-04T05:17:04.197+00:00

    @Sathishkumar Singh

    The report said, SSL 2.0 and 3.0 are enabled on your Exchange server, it suggest you disable them and use TLS 1.2 to replace them.

    You could follow this blog to make sure TLS 1.2 is supported on your Exchange server. Then you could disable SSL 2. and 3.0 on your server with Registry.


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.