SSL/TLS: RSA Temporary Key Handling 'RSA_EXPORT' Downgrade Issue (FREAK)
Information
Severity: Medium
Family: SSL and TLS
CVSSv2 Base: 4.3
CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Solution Type: Vendor Patch
Created: 9 years ago
Modified: 5 years ago
Summary
This host accepts 'RSA_EXPORT' cipher suites and is prone to a man-in-the-middle attack.
Insight
The flaw is due to improper handling of RSA temporary keys in a non-export RSA key exchange cipher suite.
Affected Software
- Hosts accepting 'RSA_EXPORT' cipher suites
- OpenSSL versions before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k
Detection Method
Checks the previously collected cipher suites saved in the KB.
Solution
- Remove support for 'RSA_EXPORT' cipher suites from the service.
- If running OpenSSL, update to version 0.9.8zd, 1.0.0p, or 1.0.1k or later.
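
The check and the fix described above, as an added example (not the scanner's own plugin code): it filters a host's accepted cipher suites for export-grade RSA key exchange and compares an OpenSSL version string against the fixed releases listed on this page. The function names, the use of IANA-style suite names, and the sample list are assumptions made for illustration.

```python
import re

# Fixed releases named on this page, keyed by OpenSSL branch.
FIXED = {"0.9.8": "zd", "1.0.0": "p", "1.0.1": "k"}

# Key exchange must be plain RSA: TLS_DHE_RSA_EXPORT_* also contains the
# substring "RSA_EXPORT" but uses ephemeral DH, so it is not matched here.
RSA_EXPORT = re.compile(r"^(?:TLS|SSL)_RSA_EXPORT(?:1024)?_WITH_")


def export_rsa_suites(accepted):
    """Return the accepted suites that use export-grade RSA key exchange."""
    return [s for s in accepted if RSA_EXPORT.match(s)]


def openssl_is_patched(version):
    """True/False for the branches listed on this page, None otherwise."""
    m = re.fullmatch(r"(\d+\.\d+\.\d+)([a-z]*)", version)
    if not m or m.group(1) not in FIXED:
        return None
    letters, fixed = m.group(2), FIXED[m.group(1)]
    # Letter suffixes run a..z, then za, zb, ...: order by length, then text.
    return (len(letters), letters) >= (len(fixed), fixed)


def assess(accepted, openssl_version=None):
    """Summarise what to remove and whether the OpenSSL build is fixed."""
    weak = export_rsa_suites(accepted)
    patched = openssl_is_patched(openssl_version) if openssl_version else None
    return {"flagged": bool(weak), "remove_suites": weak,
            "openssl_patched": patched}


# Constructed sample of suites a scan might have recorded for one host.
SAMPLE_ACCEPTED = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
]

if __name__ == "__main__":
    print(assess(SAMPLE_ACCEPTED, "1.0.1j"))
```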