Cisco AnyConnect Secure Mobility Client SSL 3.0 Protocol Downgrade Flaw Lets
Remote Users Decrypt SSL Traffic
SecurityTracker Alert ID: 1031085
SecurityTracker URL: http://securitytracker.com/id/1031085
CVE Reference: CVE-2014-3566 (Links to External Site)
Date: Oct 21 2014
Impact: Disclosure of system information, Disclosure of user information
Vendor Confirmed: Yes Exploit Included: Yes
http://goo.gl/jj6Kop
雖然有點晚了
但大家偶爾可以上去看看弱點攻擊的邏輯是什麼