Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Lighttpd Inadequate Encryption Strength Vulnerability - CVE-2013-4508 - Vulnerability Database
Lighttpd

Lighttpd Inadequate Encryption Strength Vulnerability - CVE-2013-4508

High
Reference: CVE-2013-4508
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-4508
Title: Lighttpd Inadequate Encryption Strength Vulnerability
Overview:

lighttpd before 1.4.34 when SNI is enabled configures weak SSL ciphers which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.