Description
Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
Remediation
References
Related Vulnerabilities
Ruby Inadequate Encryption Strength Vulnerability (CVE-2011-4121)
MySQL Improper Validation of Array Index Vulnerability (CVE-2022-21310)
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Cross-Site Scripting (6.8.0)