Invicti detected that insecure transportation security protocol (SSLv2) is supported by your web server.
SSLv2 has several flaws. For example, your secure traffic can be observed when you have established it over SSLv2.
Attackers can perform man-in-the-middle attacks and observe the encryption traffic between your website and its visitors. Also an attacker can exploit vulnerabilities like DROWN.
Configure your web server to disallow using weak ciphers.
httpd.conf
.SSLProtocol +TLSv1.2nginx.conf
file and remove SSLv3
.ssl_protocols TLSv1.2;We recommended to disable SSLv2 and replace it with TLS 1.2 or higher. See Remedy section for more details.
You can search and find all vulnerabilities