The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-10-17 16:55
Updated : 2013-10-18 10:46
NVD link : CVE-2013-6169
Mitre link : CVE-2013-6169
JSON object : View
CWE
CWE-310
Cryptographic Issues
Products Affected
process-one
- ejabberd