Renegotiation vulnerability (CVE-2011-1473) in OpenSSL 1.0.2

Manish Patidar mann.patidar at
Tue Sep 26 16:56:12 UTC 2023

  Our product is using OpenSSL 1.0.2 , one of the vulnerability scan tool
reported vulnerability : CVE-2011-1473.
  Vulnerability description:
  Opensl doesn't properly restrict client-initiated renegotiation within
the SSL and TLS protocols, which might make it easier for remote attackers
to cause a denial of service (CPU consumption) by performing many
renegotiations within a single connection.

  Only solution available for this vulnerability, is to disable
renegotiation using SSL_OP_NO_RENEGOTIATION option. But this option is not
available in the OpenSSL 1.0.2 version.

  Any suggestions, how to fix this vulnerability in OpenSSL 1.0.2 version.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list