Описание
Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2434.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.31532
Средний
4.3 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2434.
EPSS
Процентиль: 97%
0.31532
Средний
4.3 Medium
CVSS2
Дефекты
CWE-310