Nifcloud LB Using Insecure TLS Policy Name

• Query id: 675e8eaa-2754-42b7-bf33-bfa295d1601d
• Query name: Nifcloud LB Using Insecure TLS Policy Name
• Platform: Terraform
• Severity: Medium
• Category: Encryption
• CWE: 295
• URL: Github

Description

The LB using insecure TLS policy
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file

resource "nifcloud_load_balancer" "positive" {
  load_balancer_name = "example"
  instance_port      = 443
  load_balancer_port = 443
}

Positive test num. 2 - tf file

resource "nifcloud_load_balancer" "positive" {
  load_balancer_name = "example"
  instance_port      = 443
  load_balancer_port = 443
  ssl_policy_name    = "Standard Ciphers A ver1"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "nifcloud_load_balancer" "negative" {
  load_balancer_name = "example"
  instance_port      = 443
  load_balancer_port = 443
  ssl_policy_name    = "Standard Ciphers D ver1"
}