AnsweredAssumed Answered

QID 38601 Severity Reclassification

Question asked by jp840 on Jun 24, 2015
Latest reply on Jun 25, 2015 by Robert Dell'Immagine

Qualys recently reclassified CVE-2013-2566 / QID 38601--SSL/TLS use of weak RC4 cipher from a severity 1 to a 3.  The stated reason is because the NVD changed the CVSS access complexity rating from high to medium on 3/12/15, which thus raised the CVSS score.

 

Does anyone have any more information on this?  Specifically, what prompted the NVD to revise the access complexity rating?

Outcomes