CVE-2013-3587 Information

Description

The HTTPS protocol as used in unspecified web applications can encrypt compressed data without properly obfuscating the length of the unencrypted data which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body aka a \BREACH\ attack a different issue than CVE-2012-4929.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

http://breachattack.com/ http://github.com/meldium/breach-mitigation-rails http://security.stackexchange.com/questions/20406/is-http-compression-safe20407 http://slashdot.org/story/13/08/05/233216 http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf http://www.kb.cert.org/vuls/id/987798 https://bugzilla.redhat.com/show_bug.cgi?id=995168 https://hackerone.com/reports/254895 https://support.f5.com/csp/article/K14634 https://www.blackhat.com/us-13/briefings.htmlPrado https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.9