Lucene search

SSL/TLS implementations accept export-grade RSA keys (FREAK attack)

🗓️ 06 Mar 2015 00:00:00Reported by CERTType

SSL/TLS implementations vulnerable to FREAK attack by accepting weak RSA key

Reporter	Title	Published	Views	Family All 199
CISA	FREAK	6 Mar 201500:00	–	cisa
Cisco	OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability	13 Jan 201519:57	–	cisco
Hacker One	Internet Bug Bounty: FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers	5 Mar 201516:18	–	hackerone
F5 Networks	K16139 : OpenSSL vulnerability CVE-2015-0204	2 Oct 201500:00	–	f5
F5 Networks	SOL16139 - OpenSSL vulnerability CVE-2015-0204	12 Feb 201500:00	–	f5
F5 Networks	SOL16903 - Microsoft Schannel vulnerability CVE-2015-1637	13 Jul 201500:00	–	f5
F5 Networks	K16903 : Microsoft Schannel vulnerability CVE-2015-1637	13 Jul 201500:00	–	f5
IBM Security Bulletins	Security Bulletin: OpenSSL vulnerabilities for Rational Automation Framework Security Advisory (CVE-2015-0204)	17 Jun 201805:01	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 and Gen2 (CVE-2015-0204)	18 Jun 201800:09	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSL affects IBM® DB2® LUW (CVE-2015-0204)	16 Jun 201813:36	–	ibm

Source	Link
blog	www.blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html
smacktls	www.smacktls.com/
cwe	www.cwe.mitre.org/data/definitions/757.html
cwe	www.cwe.mitre.org/data/definitions/326.html
tools	www.tools.ietf.org/html/rfc4346

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Mar 2015 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS24.3

EPSS0.92868