CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
The TLS Signaling Cipher Suite Value (SCSV) is a protection against TLS/SSL downgrade attacks. If enabled, the server makes sure that the strongest protocol that both client and server understand, is used. If disabled and the TLS negotiation produces a weaker protocol, an attacker may have eavesdropped the connection and changed the request in a way, that he can break the encryption due to a weak protocol.
Follow this guide to enable TLS_FALLBACK_SCSV:
When OpenSSL is used as base for the SSL/TLS encryption (e.g. for an Apache or Nginx webserver), update it to the latest version. The following versions are known to support TLS_FALLBACK_SCSV:
apt-get update; apt-get upgrade # Debian / Ubuntu
yum update # RHeL / CentOS
pacman -Syu # Arch Linux