Firefox must be configured to allow only TLS 1.2 or above.

An XCCDF Rule

Details
Profiles
Prose

Description

Use of versions prior to TLS 1.2 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs.

ID: SV-251546r879889_rule
Severity: High
References: CCI-001453
Updated: about 8 hours ago

Remediation Templates

Windows group policy:
1. Open the group policy editor tool with "gpedit.msc".
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\
Policy Name: Minimum SSL version enabled
Policy State: Enabled
Policy Value: TLS 1.2   (or TLS 1.3)
macOS "plist" file:
Add the following:
<key>SSLVersionMin</key>
<string>tls1.2</string>   (or <string>tls1.3</string>)

Linux "policies.json" file:
Add the following in the policies section:
"SSLVersionMin": "tls1.2"   or ("SSLVersionMin": "tls1.3")

Firefox must be configured to allow only TLS 1.2 or above.

Description

Remediation Templates

A Manual Procedure