DROWN Attack — More than 11 Million OpenSSL HTTPS Websites at Risk

🗓️ 01 Mar 2016 07:00:11Reported by Swati KhandelwalType

A critical DROWN attack in OpenSSL puts 11 million websites at risk of decryption and man-in-the-middle attacks

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 159
Veracode	Information Disclosure	6 Feb 201702:50	–	veracode
Hacker One	Internet Bug Bounty: Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)	12 May 201605:53	–	hackerone
UbuntuCve	CVE-2016-0703	1 Mar 201600:00	–	ubuntucve
Tenable Nessus	Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0703)	13 Mar 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2016-0703	4 Mar 202500:00	–	nessus
Tenable Nessus	Arista Networks EOS Multiple Vulnerabilities (SA0018) (DROWN)	28 Feb 201800:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : OpenSSL vulnerabilities (SOL95463126) (DROWN)	16 Mar 201600:00	–	nessus
Tenable Nessus	Amazon Linux AMI : openssl098e (ALAS-2016-682) (DROWN)	7 Apr 201600:00	–	nessus
Tenable Nessus	CentOS 6 / 7 : openssl098e (CESA-2016:0372) (DROWN)	9 Mar 201600:00	–	nessus
Tenable Nessus	Scientific Linux Security Update : openssl098e on SL6.x, SL7.x i386/x86_64 (20160309) (DROWN)	10 Mar 201600:00	–	nessus

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Mar 2016 07:11Current

6.1Medium risk

Vulners AI Score6.1

EPSS0.05989