Search for vulnerabilities
Vulnerability details: VCID-ksnr-v863-xuf1
Vulnerability ID VCID-ksnr-v863-xuf1
Aliases CVE-2011-3389
Summary
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel
System Score Found at
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05423 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05563 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.05563 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.0693 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.0693 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
epss 0.0693 https://api.first.org/data/v1/epss?cve=CVE-2011-3389
cvssv3.1 High https://curl.se/docs/CVE-2011-3389.html
cvssv3.1 3.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json
https://api.first.org/data/v1/epss?cve=CVE-2011-3389
https://curl.se/docs/CVE-2011-3389.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
645881 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645881
737506 https://bugzilla.redhat.com/show_bug.cgi?id=737506
RHSA-2011:1380 https://access.redhat.com/errata/RHSA-2011:1380
RHSA-2011:1384 https://access.redhat.com/errata/RHSA-2011:1384
RHSA-2012:0006 https://access.redhat.com/errata/RHSA-2012:0006
RHSA-2012:0034 https://access.redhat.com/errata/RHSA-2012:0034
RHSA-2012:0343 https://access.redhat.com/errata/RHSA-2012:0343
RHSA-2012:0508 https://access.redhat.com/errata/RHSA-2012:0508
RHSA-2013:1455 https://access.redhat.com/errata/RHSA-2013:1455
USN-1263-1 https://usn.ubuntu.com/1263-1/
Data source Metasploit
Description Check if a server supports a given version of SSL/TLS and cipher suites. The certificate is stored in loot, and any known vulnerabilities against that SSL version and cipher suite combination are checked. These checks include POODLE, deprecated protocols, expired/not valid certs, low key strength, null cipher suites, certificates signed with MD5, DROWN, RC4 ciphers, exportable ciphers, LOGJAM, and BEAST.
Note 
{}
Ransomware campaign use Unknown
Source publication date Oct. 14, 2014
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl/ssl_version.rb
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.89782
EPSS Score 0.05423
Published At Aug. 4, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:38:33.740794+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/1263-1/ 37.0.0