Severity: HIGH
Source: Trivy/CSPM
CSPM ID: tls-version-check
ID: AVD-AZU-0006

Web App uses latest TLS version

Use a more recent TLS/SSL policy for the App Service

Impact

The minimum TLS version for apps should be TLS1_2

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Find the search bar at the top and search for App Services.

  3. Select the “App Service” by clicking on its “Name” to go to its configuration.

  4. Scroll down the left navigation panel of the selected “App Service” and, under “Settings”, click on the “TLS/SSL settings” option.

  5. On the “TLS/SSL settings” page select the Bindings tab, scroll down and under “Protocol Settings” check the “Minimum TLS Version”. It is recommended to use only the latest version (1.2) of TLS.

  6. If the “App Service” is not using the latest version of TLS, select 1.2 from the slider.

  7. Wait for the confirmation box to save changes.

  8. Repeat steps 3 to 7 to verify that all other “Apps” in the account are using the latest TLS version.

The TLS version is outdated and has known vulnerabilities.

# site_config.min_tls_version is not set here, so the provider default
# applies (1.2 for new app services).
resource "azurerm_app_service" "good_example" {
  name                = "example-app-service"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id
}
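
To apply the same check to every app in a Terraform plan rather than one resource at a time, the following added example (not part of the original page or of Trivy's own code) audits the JSON produced by `terraform show -json`. It assumes the `azurerm_app_service` resource type with `site_config.min_tls_version`; the sample plan and every resource name in it other than `good_example` are constructed.

```python
# Added example: audit `terraform show -json` output for the minimum TLS check.
MIN_TLS = (1, 2)  # lowest version the check accepts (TLS 1.2)

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "azurerm_resource_group.example",
         "type": "azurerm_resource_group", "values": {"name": "example"}},
        {"address": "azurerm_app_service.good_example",
         "type": "azurerm_app_service",
         "values": {"name": "example-app-service"}},  # min_tls_version unset
        {"address": "azurerm_app_service.legacy",
         "type": "azurerm_app_service",
         "values": {"site_config": [{"min_tls_version": "1.0"}]}},
    ],
    "child_modules": [{"address": "module.web", "resources": [
        {"address": "module.web.azurerm_app_service.api",
         "type": "azurerm_app_service",
         "values": {"site_config": [{"min_tls_version": "1.2"}]}},
    ]}],
}}}


def walk_resources(module):
    """Yield every resource in a module and in its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk_resources(child)


def audit_min_tls(plan):
    """Map each azurerm_app_service address to 'pass', 'fail' or 'default'."""
    findings = {}
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in walk_resources(root):
        if res.get("type") != "azurerm_app_service":
            continue
        site_config = (res.get("values") or {}).get("site_config") or [{}]
        version = site_config[0].get("min_tls_version")
        if version is None:
            # Not set in the plan: the provider default or a value known
            # only after apply. Confirm against the deployed app.
            findings[res["address"]] = "default"
        else:
            parsed = tuple(int(part) for part in version.split("."))
            findings[res["address"]] = "pass" if parsed >= MIN_TLS else "fail"
    return findings


if __name__ == "__main__":
    for address, result in audit_min_tls(SAMPLE_PLAN).items():
        print(f"{result:8} {address}")
```
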