DROWN (Decrypting RSA with Obsolete and Weakened encryption) is an attack on the old SSL v2 protocol version. Read here, how you can prevent SSL DROWN.

Table of contents
  1. SSL DROWN Security Assessment
  2. SSL DROWN Vulnerability Information
  3. How to Prevent SSL DROWN

SSL DROWN Security Assessment

Security Assessment Prevent SSL DROWN

CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

SSL DROWN Vulnerability Information

DROWN (Decrypting RSA with Obsolete and Weakened encryption) is an attack on the old SSL v2 protocol version. The TLS protocol suite supports the insecure SSL v2 protocol and attacks using this vulnerability can leak the session key for a captured TLS handshake.

How to Prevent SSL DROWN

To prevent DROWN do not use the deprecated SSL v2 protocol version. Therefore refer to Secure TLS Configuration

See If Your Web App Or API Has Security Vulnerabilities

SCAN FOR FREE NOW