Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-1473
HistoryJun 16, 2012 - 9:55 p.m.

CVE-2011-1473

2012-06-1621:55:02
CWE-264
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.4 High

AI Score

Confidence

High

0.598 Medium

EPSS

Percentile

97.8%

JSON

OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment

Affected configurations

NVD
Node
opensslopensslMatch0.9.8m
OR
opensslopensslMatch0.9.8mbeta1
OR
opensslopensslMatch0.9.8n
OR
opensslopensslMatch0.9.8o
OR
opensslopensslMatch0.9.8p
OR
opensslopensslMatch0.9.8r
OR
opensslopensslMatch0.9.8s
OR
opensslopensslMatch0.9.8t
OR
opensslopensslMatch0.9.8u
OR
opensslopensslMatch0.9.8v
OR
opensslopensslMatch0.9.8w
OR
opensslopensslMatch0.9.8x
Node
opensslopensslRange0.9.8k

References

Related

cve 2
f5 2
ubuntucve 2
prion 2
cvelist 2
openvas 3
nvd 1
ibm 2
nessus 12
kitploit 1
securityvulns 4
cve
cve
CVE-2011-5094
2022-10-03 16:15:12
CVE-2011-1473
2012-06-16 21:55:02
f5
f5
K15278 : SSL renegotiation vulnerability CVE-2011-1473
2014-06-19 00:00:00
SOL15278 - SSL renegotiation vulnerability CVE-2011-1473
2014-06-19 00:00:00
ubuntucve
ubuntucve
CVE-2011-5094
2012-06-16 00:00:00
CVE-2011-1473
2012-06-16 00:00:00
prion
prion
Design/Logic Flaw
2012-06-16 21:55:00
Design/Logic Flaw
2012-06-16 21:55:00
cvelist
cvelist
CVE-2011-5094
2022-10-03 16:15:12
CVE-2011-1473
2012-06-16 21:00:00
openvas
openvas
SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)
2021-10-29 00:00:00
Sophos XG Firewall < 16.05.5 MR5 Multiple Vulnerabilities
2017-06-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0469-1)
2021-06-09 00:00:00
nvd
nvd
CVE-2011-5094
2012-06-16 21:55:02
ibm
ibm
Security Bulletin: Multiple vulnerabilities in TLS in Cloud Pak for Automation
2020-01-06 16:35:53
Security Bulletin: A vulnerability in SSL implementation affects IBM SPSS Statistics Server
2020-11-10 18:20:12
nessus
nessus
Juniper Junos SSL/TLS Renegotiation DoS (JSA10580)
2013-07-16 00:00:00
SSL / TLS Renegotiation DoS
2011-05-04 00:00:00
Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280)
2019-05-23 00:00:00
kitploit
kitploit
Pentmenu - A simple Bash Script for Recon and DOS Attacks
2016-08-14 14:30:00
securityvulns
securityvulns
ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities
2014-04-07 00:00:00
RSA BSAFE multiple security vulnerabilities
2014-04-07 00:00:00
[security bulletin] HPSBMU02776 SSRT100852 rev.1 - HP Onboard Administrator &#40;OA&#41;, Remote Unauthorized Access to Data, Unauthorized Disclosure of Information Denial of Service &#40;DoS&#41;
2012-06-17 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.4 High

AI Score

Confidence

High

0.598 Medium

EPSS

Percentile

97.8%

JSON
Related for NVD:CVE-2011-1473
cve2f52ubuntucve2prion2cvelist2openvas3nvd1ibm2nessus12kitploit1securityvulns4