WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle HTTP Server Inadequate Encryption Strength Vulnerability (CVE-2013-2566)

Description

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

Remediation

References

Related Vulnerabilities

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Request Forgery (3.2.11)

phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)

Apache HTTP Server Other Vulnerability (CVE-2003-0016)

Oracle JRE CVE-2017-10309 Vulnerability (CVE-2017-10309)

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (5.7.26)

Severity

Medium

Classification

CVE-2013-2566 CWE-326 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities