FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above.

Details

Use of versions prior to TLS 1.2 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs.


Solution

Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.2

macOS 'plist' file:
Add the following:
SSLVersionMin
tls1.2

Linux 'policies.json' file:
Add the following in the policies section:
'SSLVersionMin': tls1.2


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.


References


Source