Description
During the scan, Cytrix managed to detect that the application communicates using an unencrypted connection. It has being detected because Cytrix was able to establish connection to an unencrypted connection.
Without encryption in place, data transmitted between the client and server remains in plaintext, making it susceptible to interception, eavesdropping, or man-in-the-middle attacks by malicious actors.
Communicating over an unencrypted connection presents a grave security and privacy risk.
Sensitive data, including login credentials, personal information, or business-critical data, can be intercepted, viewed, or even modified in transit.
This could result in unauthorized access, data breaches, and data tampering.
This technique commonly occurs when a client communicates with the server over an insecure connection such as public Wi-Fi, or a corporate one and so on.
Recommendation
It is imperative to adopt encrypted communication protocols for all data transmissions.
Implementing transport-level encryption (SSL/TLS) by procuring and setting up a valid certificate from a trusted Certificate Authority (CA) for your application is essential to protect the communications being made between the client and the server.
Regularly renew and update the certificates and ensure adherence to best practices for SSL/TLS configurations to keep up with the cryptographic standards.
References
https://cwe.mitre.org/data/definitions/310.html
https://cwe.mitre.org/data/definitions/319.html
