Currently we still support three different ciphersuites that are considered weak:
ECDHE-ECDSA-AES128-SHA (TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA)ECDHE-RSA-AES128-SHA (TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)DHE-RSA-AES128-SHA (TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
ciphersuites using CBC block mode instead of GCM are considered weak since the disclosure of several attacks against CBC during 2019, specifically Zombie POODLE and GoldenPOODLE, a nice introduction to those attacks can be found here: https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/