Files

qiaoli 2d06ea450b WAF Dedicated UMN 20250222 version

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qiaoli <qiaoli@huawei.com>
Co-committed-by: qiaoli <qiaoli@huawei.com>

2025-07-15 08:00:50 +00:00

960 B

Raw Permalink Blame History

Why Is the Bar Mitzvah Attack on SSL/TLS Detected?

The Bar Mitzvah attack is a cryptographic attack targeting SSL/TLS protocols. The attack exploits a vulnerability in the RC4 cryptographic algorithm. This vulnerability can disclose ciphertext in SSL/TLS encrypted traffic in some cases, such as passwords, credit card data, or other privacy data, to hackers.

Solution

To solve this problem, you can set the minimum TLS version to TLS v1.2 and cipher suite to cipher suite 2.

Parent topic: Troubleshooting Certificate and Cipher Suite Issues

960 B Raw Permalink Blame History

Why Is the Bar Mitzvah Attack on SSL/TLS Detected?

Solution

960 B

Raw Permalink Blame History