BEAST Attack (CVE-2011-3389)

Description

During the scan, Cytrix found a BEAST attack (CVE-2011-3389) vulnerability.
BEAST stands for Browser Exploit Against SSL/TLS.
The attack affects the TLS 1.0/1.1 protocols.

This allows an attacker to decrypt the contents of SSL-encrypted or TLS-encrypted sessions between a web browser and a website.

On 23 September 2011, researchers demonstrated a new attack called BEAST at a security conference in Argentina, as reported by various media outlets worldwide.
BEAST attacks are not easy to perform. The attacker needs to chain another exploit to become a Man-In-The-Middle and inject content into the data stream.

Severity/Score

CVSS Version 2.0 – 4.3 Medium

Recommendation

To mitigate this vulnerability, enable TLS 1.2 or TLS 1.3 on servers that support these protocols. Also enable TLS 1.2 or TLS 1.3 in web browsers that support them.
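
One way to check a server configuration against this recommendation, as an added example that is not Cytrix's own code: the script below flags configuration lines that still enable protocols older than TLS 1.2 or that enable neither TLS 1.2 nor TLS 1.3. It assumes the server is nginx (`ssl_protocols`) or Apache mod_ssl (`SSLProtocol`), neither of which is named on this page, and the sample configuration is constructed for illustration.

```python
import re

LEGACY = {"SSLv3", "TLSv1", "TLSv1.1"}   # everything below TLS 1.2
MODERN = {"TLSv1.2", "TLSv1.3"}          # what the recommendation asks for
ALL = LEGACY | MODERN

def enabled_protocols(line):
    """Return the protocols one directive enables, or None if the line is not
    an nginx ssl_protocols / Apache SSLProtocol directive (assumed servers)."""
    line = line.split("#", 1)[0].strip().rstrip(";").strip()
    m = re.match(r"(ssl_protocols|SSLProtocol)\s+(.+)$", line, re.I)
    if not m:
        return None
    enabled = set()
    for tok in m.group(2).split():
        # Apache uses +name / -name; a bare name is treated as +name, and
        # "all" as every known protocol (both conservative for an audit).
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("+", tok)
        names = ALL if name.lower() == "all" else {p for p in ALL if p.lower() == name.lower()}
        enabled = enabled - names if sign == "-" else enabled | names
    return enabled

def audit(config_text):
    """Return (line number, finding) tuples for directives that need changing."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        protos = enabled_protocols(line)
        if protos is None:
            continue
        legacy = sorted(protos & LEGACY)
        if legacy:
            findings.append((lineno, "legacy enabled: " + ", ".join(legacy)))
        if not protos & MODERN:
            findings.append((lineno, "TLS 1.2/1.3 not enabled"))
    return findings

# Constructed sample configuration lines, not taken from a real server.
SAMPLE = """\
# constructed sample
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_protocols TLSv1.2 TLSv1.3;
SSLProtocol all -SSLv3
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLProtocol -all +TLSv1
"""

if __name__ == "__main__":
    for lineno, finding in audit(SAMPLE):
        print(f"line {lineno}: {finding}")
```
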

References

https://blog.mozilla.org/security/2011/09/27/attack-against-tls-protected-communications/

https://cwe.mitre.org/data/definitions/326.html
