TLS1/SSLv3 Renegotiation Vulnerability

Description
  • A vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. This issue affects SSL version 3.0 and newer and TLS version 1.0 and newer.
Remediation
  • Users should contact vendors for specific patch information.
References