Prevent SSL BEAST

A server vulnerable for BEAST (Browser Exploit Against SSL/TLS) has the problem: By using weaknesses in cipher block chaining, an attacker can use a Man-In-The-Middle attacks to decrypt and obtain authentication tokens.

Security Assessment

Security_Assessment_PreventSSLBEAST

CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

A server vulnerable for BEAST (Browser Exploit Against SSL/TLS) has the problem: By using weaknesses in cipher block chaining, an attacker can use a Man-In-The-Middle attacks to decrypt and obtain authentication tokens.

Guides

To prevent the BEAST vulnerability, make sure that neither the protocol versions SSL3 or TLS1 are used.

For a setup, refer to: Secure TLS Configuration

For more information about Crashtest Security visit crashtest-security.com