AWS > ELB >

ELBv2 TLS Version and Cipher Header Disabled

LOW
Source
CloudSploit
ID
elbv2-tls-version-and-cipher-header-disabled

ELBv2 TLS Version and Cipher Header Disabled

Ensures that AWS ELBv2 load balancers does not have TLS version and cipher headers enabled.

TLS Version and Cipher Header provides information about the specific TLS version and cipher suite used during the establishment of the secure connection. Enabling the header might leak the sensitive information about the encryption protocols and algorithms being used

Update ELBv2 load balancer traffic configuration to disable TLS version and cipher headers