CVE-2015-2319
Description
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the FREAK issue, a different vulnerability than CVE-2015-0204.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.874
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Mono is a platform for running and developing applications (USN-2547-1) mono-runtime_2.10.8.1-1ubuntu2.3_i386.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) mono-runtime_2.10.8.1-1ubuntu2.3_amd64.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) mono-runtime_3.2.8+dfsg-4ubuntu1.1_i386.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) mono-runtime_3.2.8+dfsg-4ubuntu1.1_amd64.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) libmono-2.0-1_2.10.8.1-1ubuntu2.3_i386.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) libmono-2.0-1_2.10.8.1-1ubuntu2.3_amd64.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) libmono-2.0-1_3.2.8+dfsg-4ubuntu1.1_i386.deb | Linux |
| Mono is a platform for running and developing applications (USN-2547-1) libmono-2.0-1_3.2.8+dfsg-4ubuntu1.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234