Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cybercrime
gptkb:security |
| gptkbp:affects |
HTTPS
HTTP compression TLS compression |
| gptkbp:category |
information disclosure vulnerability
|
| gptkbp:discoveredIn |
2013
|
| gptkbp:exploits |
compression side-channel
|
| gptkbp:mitigatedBy |
disabling HTTP compression
randomizing secrets |
| gptkbp:presentedBy |
Black Hat USA 2013
|
| gptkbp:relatedTo |
gptkb:CRIME_attack
|
| gptkbp:requires |
attacker to observe victim's encrypted traffic
|
| gptkbp:supportedBy |
gptkb:CSRF_tokens
sensitive data session cookies |
| gptkbp:target |
web applications
web servers |
| gptkbp:vulnerableTo |
CVE-2013-3587
|
| gptkbp:bfsParent |
gptkb:CRIME_attack
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
BREACH attack
|