BEAST Attack (CVE-2011-3389)


During the scan, Kayran managed to find a BEAST Attack (CVE-2011-3389) vulnerability.
BEAST stands for : Browser Exploit Against SSL/TLS.
The Browser Exploit Against SSL/TLS attack affects the TLS 1.0 \1.1 protocols.

This allows an attacker to decrypt the contents of an SSL-encrypted or TLS-encrypted sessions between a web browser and the website.

On 23 September 2011, researchers demonstrated a new attack called BEAST at a security conference in Argentina, as reported by various media outlets worldwide.
BEAST attacks are not easy to perform. The attacker needs to chain another exploit to become a Man-In-The-Middle and inject the content into the data stream.


CVSS Version 2.0 – 4.3 Medium


In order to mitigate this vulnerability please Enable TLS 1.2 or TLS 1.3 on servers that support these protocols. Also, enable TLS 1.2 or TLS 1.3 in web browsers that support these protocols.


< Return to all Vulnerabilities

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »