Summary
OpenSSL does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
Products Potentially Affected
|
OS/Product
|
Exposure
|
|
Switch Engine (EXOS)
|
Investigating
|
Repair Recommendations
None.
Please see the full security advisory article here for more details and updates.
