What the vulnerability does
01Description
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.
Explanation of Vulnerability in Simple Terms
Really Simple SSL versions up to 9.5.10 contain an authentication bypass vulnerability that allows attackers to read sensitive data, modify site content, or disrupt service without needing valid credentials. The vulnerability requires specific network conditions to exploit but does not require user interaction. Site administrators should update to a version newer than 9.5.10 immediately.
What an attacker can do
Read sensitive data, modify site content, or disrupt service without valid login credentials.
Potential impact on your site
Attackers can access and modify your site's data and functionality without logging in, potentially exposing user information or defacing content.
Conditions required to exploit
Network access to the site; no authentication or user interaction required, but specific network conditions must be met.
Key dates
External resources
Related vulnerabilities