What is the impact of CVE-2011-3389 (aka "BEAST" attack) on OpenSSL?

Solution Verified - Updated -

Issue

  • Red Hat's CVE database entry for CVE-2011-3389 doesn't mention any fix for OpenSSL.
  • Is OpenSSL as shipped by RHEL vulnerable to this vulnerability?

Environment

  • Red Hat Enterprise Linux, all versions.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In