In the course of my cyber security job, a security scan flagged some servers as having the SSL / TLS renegotiation Handshake MITM vulnerability.
What does this vulnerability mean?
The remote service encrypts traffic using TLS / SSL but allows a client to insecurely renegotiate the connection after the initial handshake. An unauthenticated, remote attacker may be able to leverage this issue to inject an arbitrary amount of plaintext into the beginning of the application protocol stream, which could facilitate man-in-the-middle attacks if the service assumes that the sessions before and after renegotiation are from the same 'client' and merges them at the application layer.
Data Received: SSLv3 supports insecure renegotiation.
That's not all, a DDOS attack is also imminent as the remote server takes more resources when treating requests from the malicious client.
How to remediate this?
You can use the AllowInsecureRenegoClients and the AllowInsecureRenegoServers entry DWORD values in the following registry path to enable strict mode on the client or on the server:
Create a DWORD: DisableRenegoOnClient with value 1
Create a DWORD: DisableRenegoOnServer with value 1
This may cause issues with applications requiring SSL/TLS Renegotiation feature.