Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2011-1473
HistoryJun 16, 2012 - 9:55 p.m.

Design/Logic Flaw

2012-06-1621:55:00
PRIOn knowledge base
www.prio-n.com

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.737 High

EPSS

Percentile

98.0%

JSON

DISPUTED OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment.

References

Related

prion 1
ubuntucve 2
cve 2
openvas 3
f5 2
ibm 2
nessus 6
kitploit 1
securityvulns 4
prion
prion
Design/Logic Flaw
2012-06-16 21:55:00
ubuntucve
ubuntucve
CVE-2011-1473
2012-06-16 00:00:00
CVE-2011-5094
2012-06-16 00:00:00
cve
cve
CVE-2011-1473
2012-06-16 21:55:00
CVE-2011-5094
2012-06-16 21:55:00
openvas
openvas
SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)
2021-10-29 00:00:00
Sophos XG Firewall < 16.05.5 MR5 Multiple Vulnerabilities
2017-06-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0469-1)
2021-06-09 00:00:00
f5
f5
SOL15278 - SSL renegotiation vulnerability CVE-2011-1473
2014-06-19 00:00:00
K15278 : SSL renegotiation vulnerability CVE-2011-1473
2014-06-19 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in TLS in Cloud Pak for Automation
2020-01-06 16:35:53
Security Bulletin: A vulnerability in SSL implementation affects IBM SPSS Statistics Server
2020-11-10 18:20:12
nessus
nessus
Juniper Junos SSL/TLS Renegotiation DoS (JSA10580)
2013-07-16 00:00:00
Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280)
2019-05-23 00:00:00
SSL / TLS Renegotiation DoS
2011-05-04 00:00:00
kitploit
kitploit
Pentmenu - A simple Bash Script for Recon and DOS Attacks
2016-08-14 14:30:00
securityvulns
securityvulns
ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities
2014-04-07 00:00:00
RSA BSAFE multiple security vulnerabilities
2014-04-07 00:00:00
[security bulletin] HPSBMU02776 SSRT100852 rev.1 - HP Onboard Administrator &#40;OA&#41;, Remote Unauthorized Access to Data, Unauthorized Disclosure of Information Denial of Service &#40;DoS&#41;
2012-06-17 00:00:00

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.737 High

EPSS

Percentile

98.0%

JSON
Related for PRION:CVE-2011-1473
prion1ubuntucve2cve2openvas3f52ibm2nessus6kitploit1securityvulns4