Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2013-2566 | First vendor Publication | 2013-03-15 |
| Vendor | Cve | Last vendor Modification | 2020-11-23 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | |||
|---|---|---|---|
| Overall CVSS Score | 5.9 | ||
| Base Score | 5.9 | Environmental Score | 5.9 |
| impact SubScore | 3.6 | Temporal Score | 5.9 |
| Exploitabality Sub Score | 2.2 | ||
| Attack Vector | Network | Attack Complexity | High |
| Privileges Required | None | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | None | Availability Impact | None |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2566 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-326 | Inadequate Encryption Strength |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:19915 | |||
| Oval ID: | oval:org.mitre.oval:def:19915 | ||
| Title: | RC4 algorithm vulnerability | ||
| Description: | The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-2566 | Version: | 11 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Opera Browser Mozilla Firefox |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2013-11-21 | IAVM : 2013-A-0220 - Multiple Vulnerabilities in Mozilla Products Severity : Category I - VMSKEY : V0042380 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-04-06 | SSLv3 Client Hello attempt RuleID : 41807 - Revision : 3 - Type : POLICY-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-04-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201504-01.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14638.nasl - Type : ACT_GATHER_INFO |
| 2014-06-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-19.nasl - Type : ACT_GATHER_INFO |
| 2013-11-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2032-1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-270.nasl - Type : ACT_GATHER_INFO |
| 2013-11-21 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2031-1.nasl - Type : ACT_GATHER_INFO |
| 2013-04-05 | Name : The remote service supports the use of the RC4 cipher. File : ssl_rc4_supported_ciphers.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-10 01:21:24 |
|
| 2024-02-02 01:23:17 |
|
| 2024-02-01 12:06:54 |
|
| 2023-09-05 12:22:00 |
|
| 2023-09-05 01:06:48 |
|
| 2023-09-02 12:22:01 |
|
| 2023-09-02 01:06:54 |
|
| 2023-08-22 12:19:45 |
|
| 2023-07-14 01:06:41 |
|
| 2023-03-28 12:06:55 |
|
| 2022-10-11 01:06:35 |
|
| 2021-11-30 01:13:30 |
|
| 2021-09-22 01:12:51 |
|
| 2021-05-05 01:13:07 |
|
| 2021-05-04 12:26:52 |
|
| 2021-04-22 01:32:33 |
|
| 2021-03-27 01:10:46 |
|
| 2020-12-24 01:09:42 |
|
| 2020-12-23 01:09:46 |
|
| 2020-11-24 00:22:46 |
|
| 2020-05-24 01:11:20 |
|
| 2020-05-23 00:37:07 |
|
| 2018-01-18 21:22:33 |
|
| 2017-10-20 09:22:58 |
|
| 2016-12-22 09:23:33 |
|
| 2016-12-08 09:23:27 |
|
| 2016-11-29 00:24:49 |
|
| 2016-11-22 09:22:59 |
|
| 2016-10-26 09:22:40 |
|
| 2016-09-28 09:23:38 |
|
| 2016-07-22 12:02:15 |
|
| 2016-04-27 09:32:08 |
|
| 2016-04-22 09:25:13 |
|
| 2015-05-12 09:27:12 |
|
| 2015-04-09 13:28:34 |
|
| 2015-03-13 00:21:57 |
|
| 2014-10-11 13:26:17 |
|
| 2014-07-18 09:21:47 |
|
| 2014-06-24 13:22:30 |
|
| 2014-02-17 11:19:48 |
|
| 2014-01-28 13:19:36 |
|
| 2013-11-25 17:21:15 |
|
| 2013-11-25 13:20:53 |
|
| 2013-05-10 22:30:28 |
|
| 2013-04-20 13:19:53 |
|
| 2013-03-27 17:18:31 |
|
| 2013-03-21 13:18:39 |
|
| 2013-03-21 00:18:59 |
|
| 2013-03-16 18:31:08 |
|
