AnsweredAssumed Answered

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability - PASS

Question asked by Juan López on Apr 16, 2012
Latest reply on Apr 18, 2012 by Bernie Weidel

I havea doubt, why qualys give me a compliance to this vulnerability(CVE-2011-3389 and QID:42366) If this CVE is equal to CVSS 4.3?

 

Or maybe this is a Brute Force?  But this attack not results in a password lockout.

 

Other is that is a vulnerability of the client-side but why qualys give me a mitigation for the server?

 

 

Tksin advanced.


Outcomes