Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Internet Bug Bounty: FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers

🗓️ 05 Mar 2015 16:06:18Reported by prosecco-inriaType 
hackerone
 hackerone🔗 hackerone.com👁 168 Views

FREAK vulnerability allows attackers to impersonate TLS servers with weak EXPORT_RSA ciphersuites, affecting various TLS client libraries including SecureTransport, SChannel, OpenSSL, BoringSSL, and LibReSSL. Vulnerable servers include www.nsa.gov and connect.facebook.net. Countermeasures include discontinuing support for EXPORT_RSA ciphersuites

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
ReporterTitlePublishedViews
Family
CISA		FREAK
6 Mar 201500:00
cisa
Cisco		OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability
13 Jan 201519:57
cisco
OpenSSL		Vulnerability in OpenSSL - RSA silently downgrades to EXPORT_RSA [Client]
6 Jan 201500:00
openssl
IBM Security Bulletins		Security Bulletin: Vulnerabilities in OpenSSL affect DataQuant for Workstation (CVE-2015-0204)
11 Feb 202116:57
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in OpenSSL affects IBM® DB2® LUW (CVE-2015-0204)
16 Jun 201813:36
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 and Gen2 (CVE-2015-0204)
18 Jun 201800:09
ibm
IBM Security Bulletins		Security Bulletin: OpenSSL vulnerabilities for Rational Automation Framework Security Advisory (CVE-2015-0204)
17 Jun 201805:01
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in OpenSSL affect IBM Chassis Management Module (CMM) (CVE-2015-0204)
31 Jan 201901:55
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in OpenSSL affect Cognos Insight (CVE-2015-0204)
15 Jun 201822:36
ibm
IBM Security Bulletins		Security Bulletin: FREAK vulnerability in TLS/SSL affects IBM CICS Transaction Gateway (CVE-2015-0204)
15 Jun 201807:02
ibm
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
05 Mar 2015 16:18Current
6.2Medium risk
Vulners AI Score6.2
EPSS0.92433
freak vulnerabilityimpersonation attackexport_rsa ciphersuitestls client librariesvulnerable serverscountermeasures
168
.json
Report