Description

The FREAK attack is an SSL/TLS vulnerability that allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use 'export-grade' cryptography, which can then be decrypted or altered. Websites that support RSA export cipher suites are at risk of having HTTPS connections intercepted.

Remediation

Reconfigure the affected SSL/TLS server to disable support for any export suites. Mozilla has published a guide and SSL Configuration Generator, which will generate known good configurations for common servers.
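
One way to check a server configuration for the setting this remediation targets, as an added example that is not part of the original advisory: it scans nginx `ssl_ciphers` and Apache `SSLCipherSuite` lines and reports cipher strings that enable export suites or leave them to the TLS library. It assumes OpenSSL cipher-string syntax; the function names and the sample configuration are constructed for illustration.

```python
import re

# nginx and Apache mod_ssl directives that take an OpenSSL cipher string.
DIRECTIVE = re.compile(r"^\s*(ssl_ciphers|SSLCipherSuite)\s+(.+?)\s*;?\s*$", re.I)
EXPORT_ALIASES = {"EXP", "EXPORT", "EXPORT40", "EXPORT56"}

def names_export(body):
    """True if a cipher-string element selects export suites (alias or EXP-* name)."""
    parts = body.upper().split("+")
    return any(p in EXPORT_ALIASES or p.startswith("EXP-") for p in parts)

def audit_cipher_string(cipher_string):
    """Classify a cipher string as 'enabled', 'depends-on-library' or 'ok'."""
    elements = [e for e in re.split(r"[:,\s]+", cipher_string.strip("\"'")) if e]
    # '!' removes suites permanently, so an excluded export alias wins outright.
    if any(e[0] == "!" and e[1:].upper() in EXPORT_ALIASES for e in elements):
        return "ok"
    explicit = broad = False
    for e in elements:
        if e[0] in "!+@":            # other exclusions, reordering, @STRENGTH
            continue
        if e[0] == "-":              # soft removal: later elements may re-add
            if e[1:].upper() in EXPORT_ALIASES:
                explicit = broad = False
        elif names_export(e):
            explicit = True
        elif e.upper() == "ALL":     # export suites included only on old builds
            broad = True
    return "enabled" if explicit else "depends-on-library" if broad else "ok"

def audit_config(text):
    """Return (line_number, directive, status) for every directive that is not 'ok'."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = DIRECTIVE.match(line)
        if match:
            status = audit_cipher_string(match.group(2))
            if status != "ok":
                findings.append((number, match.group(1), status))
    return findings

# Constructed sample configuration, not taken from any real server.
SAMPLE = """\
ssl_ciphers ALL:!aNULL:!eNULL;
ssl_ciphers "HIGH:MEDIUM:EXP:!aNULL";
ssl_ciphers ECDHE+AESGCM:HIGH:!aNULL:!EXPORT:!MD5;
SSLCipherSuite ALL:-EXP:!aNULL
"""

if __name__ == "__main__":
    for finding in audit_config(SAMPLE):
        print(finding)
```

A `depends-on-library` result means the string uses `ALL` without an explicit `!EXPORT`, so whether export suites are offered depends on the TLS library build; adding `!EXPORT` removes that dependency.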
