Weak Ciphers Detected

After running a vulnerability scan on my application, the Netsparker returned a Weak Ciphers issue.

The resolution tells me to modify the registry like so:

• click Run, type regedt32 or type regedit, and then click OK.

• In Registry Editor, locate the following registry key : HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders

• Set "Enabled" DWORD to "0x0" for the following registry keys:

SCHANNEL\Ciphers\DES 56/56

SCHANNEL\Ciphers\RC4 64/128

SCHANNEL\Ciphers\RC4 40/128

SCHANNEL\Ciphers\RC2 56/128

SCHANNEL\Ciphers\RC2 40/128

SCHANNEL\Ciphers\NULL

SCHANNEL\Hashes\MD5

But when I go to Ciphers, all I see is "Default".

Am I missing something? How to correct this problem?

Solution

Most of the time configuration settings have default values; if they are not present you will have to create them.

How to securely allow Github Actions to check PR and post results in comment
Where is the PEM file format specified?
How to best validate JSON on the server-side
Sizeof vs array size
How to make copilot not leak secret credentials with Neovim plugin?
Does the client knowing all the endpoint names pose a security risk?
Securing a client-side API
How to disable security in Quarkus
SNC name of ABAP System
Is MD5 a good way to generate account verification code
Is there any relationship between Secure Boot and Kernel Lockdown?
CryptographicException: Access denied - How to give access on User store?
How to use an API from my mobile app without someone stealing the token
Symfony security component - Unable to find key \"username\" in the token payload
Is it a good praxis to secure an webservice endpoint with a simple token string?
Can using access token alone prevent CSRF attack, since browser prevents accessing cookies of another site?
Are there CSRF attacks that don't use cookies?
How does Double Submit Cookie Pattern Prevent against CSRF attacks?
vulnerable Tomcat 10.1.31 embedded in Artifactory 7.98.13
Why CSRF token should be in meta tag and in cookie?
How can I prevent SQL injection in PHP?
How/why is login page redirect required?
Do Electron apps enforce CORS restrictions in the renderer process?
How can i use a reverse shell over global Internet?
Should I Manually Patch the Pandas DataFrame.query() Vulnerability or Wait for an Official Update?
C# - Securely storing a password locally
how to secure keys for API calls from android device to amazon services
Should I add application.properties to .gitignore if the Git repository is private and both the server and DB are on an internal network?
Understanding the port numbers of a network connection strings in systemd output of an ubuntu device
Disable firefox same origin policy