The web application seems to be vulnerable to the LUCKY13 attack. LUCKY13 is a timing attack that can be used against servers implementing some versions of the TLS protocol (1.1 and 1.2) that support cipher suites that use cipher block chaining (CBC). It has the potential to allow attackers to work out the contents of encrypted communications between the client and server.
The web application seems to be vulnerable to the LUCKY13 attack. LUCKY13 is a timing attack that can be used against servers implementing some versions of the TLS protocol (1.1 and 1.2) that support cipher suites that use cipher block chaining (CBC). It has the potential to allow attackers to work out the contents of encrypted communications between the client and server.
Severity: Informational
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N
CVSS Score: 0.0
Recommendation: Disable support for TLS cipher suites that use cipher block chaining (CBC) mode.