Search for vulnerabilities
| Vulnerability ID | VCID-hbwd-7s88-dyfn |
| Aliases |
CVE-2016-0800
|
| Summary | SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN) |
| Status | Published |
| Exploitability | 2.0 |
| Weighted Severity | 0.8 |
| Risk | 1.6 |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| epss | 0.89469 | https://api.first.org/data/v1/epss?cve=CVE-2016-0800 |
| epss | 0.89821 | https://api.first.org/data/v1/epss?cve=CVE-2016-0800 |
| epss | 0.89821 | https://api.first.org/data/v1/epss?cve=CVE-2016-0800 |
| epss | 0.89821 | https://api.first.org/data/v1/epss?cve=CVE-2016-0800 |
| epss | 0.89821 | https://api.first.org/data/v1/epss?cve=CVE-2016-0800 |
| Data source | Metasploit |
|---|---|
| Description | Check if a server supports a given version of SSL/TLS and cipher suites. The certificate is stored in loot, and any known vulnerabilities against that SSL version and cipher suite combination are checked. These checks include POODLE, deprecated protocols, expired/not valid certs, low key strength, null cipher suites, certificates signed with MD5, DROWN, RC4 ciphers, exportable ciphers, LOGJAM, and BEAST. |
| Note | {}
|
| Ransomware campaign use | Unknown |
| Source publication date | Oct. 14, 2014 |
| Source URL | https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl/ssl_version.rb |
| Percentile | 0.99538 |
| EPSS Score | 0.89469 |
| Published At | Aug. 3, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T11:01:17.502429+00:00 | RedHat Importer | Import | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0800.json | 37.0.0 |