A high severity infra vulnerability has been discovered.
Infra Group: test2,test79 - test
Scanner Name: rapid7infra
Target: 172.67.159.157 : 443
CVE: CVE-2011-3389
Service: HTTPS
Exploitable: true
Protocol: tcp
Proof: Negotiated with the following insecure cipher suites: TLS 1.0 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Tool Description: The SSL protocol, as used in certain configurations of Microsoft Windows and browsers such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera (and other products negotiating SSL connections) encrypts data by using CBC mode with chained initialization vectors. This potentially allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. By supporting the affected protocols and ciphers, the server is enabling its clients to be exploited.
CVSS2 score: 4.300000
Service Name: HTTPS
Port: 443
Protocol: tcp
Proof: Negotiated with the following insecure cipher suites: TLS 1.0 ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Kondukto Link: https://9a4f-104-155-30-65.ngrok-free.app/projects/6703db4e0fadccdc7e5dfc4c/vulns/infra?page=1&perPage=15&id=in:672b2208b6c9a7516937c081
Deeplink: https://10.20.104.26:3780//vulnerability/vuln-summary.jsp?vulnid=ssl-cve-2011-3389-beast