Description
During the scan, Kayran was able to establish a connection to an unencrypted connection. An attacker can intercept and modify data sent and received from this site.
Bussines Impact
To exploit this vulnerability, the attacker must be properly placed to eavesdrop on the victim’s network traffic.
This technique commonly occurs when a client communicates with the server over an insecure connection such as public Wi-Fi, a corporate, etc.
Recommendation
The application should use transport-level encryption (SSL/TLS) to protect the communications between the client and the server.