CVE-1999-0428
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-1999-0428 is a vulnerability affecting OpenSSL and SSLeay that allows remote attackers to reuse SSL sessions and bypass access controls. This issue enables an attacker to gain unauthorized access to secured communications, potentially leading to data theft or manipulation. The vulnerability occurs due to the failure to properly validate SSL session identifiers, allowing an attacker to impersonate a legitimate user and reuse their SSL session. The impact of this vulnerability can be significant, as it undermines the security of SSL-protected communications. Organizations using OpenSSL or SSLeay are strongly advised to apply the available updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- OpenSSL
Affected Vendors
- Shining Light Productions