Описание
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:novell:open_enterprise_server:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00455
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.
EPSS
Процентиль: 63%
0.00455
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other