virus logo FortiClient Vulnerability

OpenSSL CVE-2015-0285 Weak Encryption Vulnerability

description-logoDescription

The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2015-0285

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 73661
Created Nov 03, 2022
Description
Updated		 Dec 18, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor OpenSSL
Patch manual
Application OpenSSL