DE

How to Prevent CCS Injection

In this article:

The server is vulnerable to CCS Injections. Malicious intermediate nodes can intercept encrypted data and decrypt it by forcing SSL clients to use a weak key.

CCS Injection Security Assessment

Security Assessment Prevent CCS Injection

CVSS Vector: AV:N/AC:M/AU:N/C:P/I:P/A:P

CCS Injection Vulnerability Information

The server is vulnerable to CCS Injections. Malicious intermediate nodes can intercept encrypted data and decrypt it by forcing SSL clients to use a weak key.

How to Prevent CCS Injection

Follow the guide to preventing CCS injections:

OpenSSL

Update OpenSSL to the latest version. The following versions are known to prevent CCS injections:

  • OpenSSL 1.0.1h
  • OpenSSL 1.0.0m
  • OpenSSL 0.9.8za

E.g., run:

apt-get update; apt-get upgrade # Debian / Ubuntu
yum update                      # RHeL / CentOS
pacman -Syu                     # Arch Linux
Prevention Guide for SSL/TLS Vulnerabilities

Prevention Guide

Learn how to detect and prevent different kinds of SSL/TLS vulnerabilities.

Download

Get a quick security audit of your website for free now

We are analyzing https://example.com
Scanning target https://example.com
Scan status: In progress
Scan target: http://example.com/laskdlaksd/12lklkasldkasada.a
Date: 24/06/2022
Crashtest Security Suite will be checking for:
Information disclosure Known vulnerabilities SSL misconfiguration Open ports
Complete your scan request
Please fill in your details receive the
quick security audit by email.
Security specialist is analyzing your scan report.
То verify your identity please provide your phone/mobile:
Thank you.
We have received your request.
As soon as your security audit is ready, we will notify you.