AnsweredAssumed Answered

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability - PASS

Question asked by Juan López on Apr 16, 2012
Latest reply on Apr 18, 2012 by Bernie Weidel

I havea doubt, why qualys give me a compliance to this vulnerability(CVE-2011-3389 and QID:42366) If this CVE is equal to CVSS 4.3?


Or maybe this is a Brute Force?  But this attack not results in a password lockout.


Other is that is a vulnerability of the client-side but why qualys give me a mitigation for the server?



Tksin advanced.