URGENT SECURITY ACTION | SSL & TLS "DROWN" Vulnerability

Alerts ID:    ALERT2002    Updated:    06/21/2016

Severity

Urgent

Description

is aware of the following SSLv2 DROWN vulnerability.

This vulnerability centers around the fact that attackers can force a web server to use an old, insecure version of SSL/TLS known as SSLv2. Although no longer used, SSLv2 is still supported by many web servers.

This is a vulnerability with the SSL protocol; existing SSL certificates are not affected and do not need to be replaced.


Recommended actions:

For more information about DROWN vulnerability, visit Symantec's official blog.

 

Disclaimer:
Terms of use for this information are found in Legal Notices

 

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Knowledge Center


Search Tips