A server vulnerable for BEAST (Browser Exploit Against SSL/TLS) has the problem: By using weaknesses in cipher block chaining, an attacker can use a Man-In-The-Middle attacks to decrypt and obtain authentication tokens.
Security Assessment
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Vulnerability Information
A server vulnerable for BEAST (Browser Exploit Against SSL/TLS) has the problem: By using weaknesses in cipher block chaining, an attacker can use a Man-In-The-Middle attacks to decrypt and obtain authentication tokens.
Guides
To prevent the BEAST vulnerability, make sure that neither the protocol versions SSL3 or TLS1 are used.
For a setup, refer to: Secure TLS Configuration
For more information about Crashtest Security visit crashtest-security.com
