FortiClient Vulnerability

Python CVE-2014-0224 Weak Encryption Vulnerability

Description

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability.

Affected Applications

Python

CVE References

CVE-2014-0224

Other References

https://bugs.python.org/

ID	72937
Created	Jul 31, 2022
Description Updated	Dec 18, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Python Software Foundation
Patch	manual
Application	Python

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Python CVE-2014-0224 Weak Encryption Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Python CVE-2014-0224 Weak Encryption Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center