CVE Vulnerabilities

CVE-2013-6169

Published: Oct 17, 2013 | Modified: Oct 18, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.

Affected Software

Name Vendor Start Version End Version
Ejabberd Process-one 2.1.9 2.1.9
Ejabberd Process-one 2.1.7 2.1.7
Ejabberd Process-one 2.0.5 2.0.5
Ejabberd Process-one 2.1.10 2.1.10
Ejabberd Process-one 0.9.1 0.9.1
Ejabberd Process-one 2.1.11 2.1.11
Ejabberd Process-one 2.0.3 2.0.3
Ejabberd Process-one 1.1.1.1 1.1.1.1
Ejabberd Process-one 1.1.2 1.1.2
Ejabberd Process-one 0.9.8 0.9.8
Ejabberd Process-one * 2.1.12
Ejabberd Process-one 1.1.14 1.1.14
Ejabberd Process-one 2.0.0 2.0.0
Ejabberd Process-one 2.0.0 2.0.0
Ejabberd Process-one 2.1.8 2.1.8
Ejabberd Process-one 2.1.2 2.1.2
Ejabberd Process-one 2.1.0 2.1.0
Ejabberd Process-one 1.1.0 1.1.0
Ejabberd Process-one 2.1.6 2.1.6
Ejabberd Process-one 2.1.5 2.1.5
Ejabberd Process-one 2.1.3 2.1.3
Ejabberd Process-one 2.0.1_2 2.0.1_2
Ejabberd Process-one 1.1.1 1.1.1
Ejabberd Process-one 2.0.4 2.0.4
Ejabberd Process-one 0.9 0.9
Ejabberd Process-one 1.0.0 1.0.0
Ejabberd Process-one 2.1.4 2.1.4
Ejabberd Process-one 2.0.2 2.0.2
Ejabberd Process-one 1.1.3 1.1.3
Ejabberd Process-one 2.1.1 2.1.1
Ejabberd Process-one 1.1.1.0 1.1.1.0
Ejabberd Process-one 2.0.0 2.0.0

References