CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-36363

Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://aws.amazon.com/about-aws/whats-new/2020/07/cloudfront-tls-security-policy/
https://stackoverflow.com/questions/62071604
https://aws.amazon.com/about-aws/whats-new/2020/07/cloudfront-tls-security-policy/
https://stackoverflow.com/questions/62071604

Products affected by CVE-2020-36363

Amazon » Amazon Cloudfront » Version: 1.2_2019

cpe:2.3:a:amazon:amazon_cloudfront:1.2_2019

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36363

Products

Pricing

Contact Us