Описание
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
Ссылки
- Vendor Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
The TLS stack in Mono before 3.12.1 makes it easier for remote attacke ...
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
EPSS
7.5 High
CVSS3
5 Medium
CVSS2