Tls 1.0 & 1.1 Vulnerability Not detected by openvas


We have scanned one of our host using openvas latest , but its not detected the tls 1.0 & tls 1.1 vulnerability .Can you please let us know why this is not deletected.

Thanks & Regards
Dileep. O

If the use of TLS 1.0 and/or 1.1 doesn’t comply with your requirements you can configure the following VT accordingly:

Name: SSL/TLS: Policy Check
Family: Policy

Once both protocols are “official” deprecated:

there will be a new VT reporting both as deprecated and with a severity by default (without the requirement to use the previously mentioned VT).


For the records:

TLSv1.0 and TLSv1.1 are now “officially” deprecated by the IETF since a few days:

A new VT reporting them as such (with a related severity) will arrive in the Feeds (GCF and GSF) in the next few days.