QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-1637

Back to search

CVE-2015-1637

Published: Mar 6, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067.

VendorProductVersions

n/a

n/a

affected
n/a

References

1031833
vdb-entry
x_refsource_SECTRACK
72965
vdb-entry
x_refsource_BID
https://freakattack.com/
x_refsource_MISC
MS15-031
vendor-advisory
x_refsource_MS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now