New Search

TLS Information Disclosure Vulnerability - CVE-2020-1596

oval:org.cisecurity:def:8348

A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability an attacker would have to conduct a man-in-the-middle attack. The update addresses the vulnerability by correcting how TLS components use hash algorithms.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2020-1596
  • MSRC-CVE-2020-1596
  • KB4577053
  • KB4577070
  • KB4577048
  • KB4577071
  • KB4577049
  • KB4577015
  • KB4577041
  • KB4577032
  • KB4570333
  • KB4574727
Product(s):