Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SSL and TLS
Title:SSL/TLS: Report 'Anonymous' Cipher Suites
Summary:This routine reports all 'Anonymous' SSL/TLS cipher suites accepted by a service.
This routine reports all 'Anonymous' SSL/TLS cipher suites accepted by a service.

Vulnerability Insight:
Services supporting 'Anonymous' cipher suites could allow a client to negotiate a
SSL/TLS connection to the host without any authentication of the remote endpoint.

Vulnerability Impact:
This could allow remote attackers to obtain sensitive information
or have other, unspecified impacts.

The configuration of this services should be changed so
that it does not accept the listed 'Anonymous' cipher suites anymore.

Please see the references for more resources supporting you in this task.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 28482
BugTraq ID: 69754
Common Vulnerability Exposure (CVE) ID: CVE-2007-1858
BugTraq ID: 64758
Bugtraq: 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Google Search)
Bugtraq: 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (Google Search)
HPdes Security Advisory: HPSBMU02744
HPdes Security Advisory: SSRT100776
SuSE Security Announcement: SUSE-SR:2008:007 (Google Search)
XForce ISS Database: tomcat-ssl-security-bypass(34212)
Common Vulnerability Exposure (CVE) ID: CVE-2014-0351
CERT/CC vulnerability note: VU#730964
XForce ISS Database: fortios-cve20140351-mitm(96119)
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.