AES-CBC (the core of nip04) has been removed from many crypto suites, including TLS 1.3, due the many security issues in poor implementations, mostly related to oracle padding attacks, which are also possible in nip04.