Lucene search

K
nvd[email protected]NVD:CVE-2011-3389
HistorySep 06, 2011 - 7:55 p.m.

CVE-2011-3389

2011-09-0619:55:03
CWE-326
web.nvd.nist.gov
2

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.009

Percentile

82.3%

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a “BEAST” attack.

Affected configurations

NVD
Node
googlechromeMatch-
OR
microsoftinternet_explorerMatch-
OR
mozillafirefoxMatch-
OR
operaopera_browserMatch-
OR
microsoftwindowsMatch-
Node
siemenssimatic_rf68xr_firmwareRange<3.2.1
AND
siemenssimatic_rf68xrMatch-
Node
siemenssimatic_rf615r_firmwareRange<3.2.1
AND
siemenssimatic_rf615rMatch-
Node
haxxcurlRange7.10.67.23.1
Node
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_eusMatch6.2
OR
redhatenterprise_linux_serverMatch5.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_server_ausMatch6.2
OR
redhatenterprise_linux_workstationMatch5.0
OR
redhatenterprise_linux_workstationMatch6.0
Node
debiandebian_linuxMatch5.0
OR
debiandebian_linuxMatch6.0
Node
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch10.10
OR
canonicalubuntu_linuxMatch11.04
OR
canonicalubuntu_linuxMatch11.10

References

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.009

Percentile

82.3%