Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-2566
HistoryMar 15, 2013 - 9:55 p.m.

CVE-2013-2566

2013-03-1521:55:00
CWE-326
[email protected]
web.nvd.nist.gov
619
cve-2013-2566
rc4 algorithm
tls protocol
ssl protocol
plaintext-recovery attacks
statistical analysis
ciphertext

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.9%

JSON

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

References

Related

f5 2
nessus 8
prion 1
ubuntucve 1
ibm 2
checkpoint_advisories 1
openvas 8
threatpost 1
ubuntu 2
securityvulns 1
mageia 1
mozilla 1
ics 2
metasploit 1
gentoo 2
oracle 6
f5
f5
K14638 : TLS/SSL RC4 vulnerability CVE-2013-2566
2015-03-30 00:00:00
SOL14638 - TLS/SSL RC4 vulnerability CVE-2013-2566
2013-08-27 00:00:00
nessus
nessus
F5 Networks BIG-IP : TLS/SSL RC4 vulnerability (K14638)
2014-10-10 00:00:00
SSL/TLS Services Support RC4 (PCI DSS)
2018-01-29 00:00:00
SSL RC4 Cipher Suites Supported (Bar Mitzvah)
2013-04-05 00:00:00
prion
prion
Code injection
2013-03-15 21:55:00
ubuntucve
ubuntucve
CVE-2013-2566
2013-03-15 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in OpenSSL affect Proventia Network Active Bypass (CVE-2013-2566)
2018-06-16 21:24:40
Security Bulletin: Multiple vulnerabilities affect IBM Security SiteProtector Appliance (CVE-2013-2566, CVE-2014-6321, CVE-2015-0162)
2018-06-16 21:23:20
checkpoint_advisories
checkpoint_advisories
Weak SSL RC4 Cipher Suites (CVE-2013-2566; CVE-2015-2808)
2015-05-17 00:00:00
openvas
openvas
HPE Network Products Multiple Remote Vulnerabilities
2016-11-25 00:00:00
SSL/TLS: Report Weak Cipher Suites
2012-03-01 00:00:00
Ubuntu Update for thunderbird USN-2032-1
2013-11-26 00:00:00
threatpost
threatpost
5 Steps to Securing Your Network Perimeter
2021-09-27 20:29:43
ubuntu
ubuntu
Firefox vulnerabilities
2013-11-20 00:00:00
Thunderbird vulnerabilities
2013-11-21 00:00:00
securityvulns
securityvulns
Mozilla nss security vulnerabilities
2013-11-26 00:00:00
mageia
mageia
Updated firefox, rootcerts, nspr & nss packages fix security vulnerabilities
2013-11-21 00:54:49
mozilla
mozilla
Miscellaneous Network Security Services (NSS) vulnerabilities — Mozilla
2013-11-15 00:00:00
ics
ics
Mitsubishi Electric Air Conditioning Systems
2022-06-20 12:00:00
GE UR family
2021-03-16 12:00:00
metasploit
metasploit
SSL/TLS Version Detection
2022-11-01 03:42:40
gentoo
gentoo
Mozilla Network Security Service: Multiple vulnerabilities
2014-06-21 00:00:00
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2016
2016-04-19 00:00:00
Oracle Critical Patch Update - July 2016
2016-07-19 00:00:00
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.9%

JSON
Related for CVE-2013-2566
f52nessus8prion1ubuntucve1ibm2checkpoint_advisories1openvas8threatpost1ubuntu2securityvulns1mageia1mozilla1ics2metasploit1gentoo2oracle6