CVE-2011-3389: SSL v3/TLS 1.0 BEAST security vulnerability
<main> <article class="userContent"> <h3 data-id="summary"><strong>SUMMARY</strong></h3> <p>The Unitrends system is not vulnerable to attacks from the BEAST vulnerability.</p> <h3 data-id="cve-id"><strong>CVE ID</strong></h3> <p>CVE-2011-3389</p> <h3 data-id="description"><strong>DESCRIPTION</strong></h3> <p>The SSL protocol, as used in certain configurations, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.<br><br>The attack uses web browser extensions to exploit a weakness in SSLv3/TLSv1.0 cipher-block chaining (CBC), allowing a man-in-the-middle attacker to recover certain session information, such as cookie data, from what should be a secure connection.</p> <h3 data-id="resolution"><strong>RESOLUTION</strong></h3> <p>Unitrends assessment: No Risk<br><br>The Unitrends security updates disable TLSv1.0 and SSLv3. Of the three attack methods: no Red Hat or CentOS version is vulnerable to the WebSocket method, the Unitrends software does not include Java applets, and Silverlight is not supported.</p> <h3 data-id="link-to-advisories"><strong>LINK TO ADVISORIES</strong></h3> <ul><li><a rel="nofollow" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389">https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389</a></li><li><a rel="nofollow" href="https://access.redhat.com/security/cve/cve-2011-3389">https://access.redhat.com/security/cve/cve-2011-3389</a></li></ul> </article> </main>