CVE-1999-0428

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Mar 22, 1999
Updated: Oct 13, 2020
CWE ID 384

Summary

CVE-1999-0428 is a vulnerability affecting OpenSSL and SSLeay that allows remote attackers to reuse SSL sessions and bypass access controls. This issue enables an attacker to gain unauthorized access to secured communications, potentially leading to data theft or manipulation. The vulnerability occurs due to the failure to properly validate SSL session identifiers, allowing an attacker to impersonate a legitimate user and reuse their SSL session. The impact of this vulnerability can be significant, as it undermines the security of SSL-protected communications. Organizations using OpenSSL or SSLeay are strongly advised to apply the available updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • OpenSSL

Affected Vendors

  • Shining Light Productions