Description
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
Remediation
References
Related Vulnerabilities
WordPress Plugin Custom Field Suite Security Bypass (2.4)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-0361)
WebLogic CVE-2019-2398 Vulnerability (CVE-2019-2398)
MongoDb Other Vulnerability (CVE-2019-20923)
WordPress Plugin WP-Footnotes 'admin_panel.php' Multiple Remote Vulnerabilities (2.2)