HubSpot's certificate is getting flagged by a security tool for SWEET32

KSorensen7
Member

Our company is using HubSpot for our website and the certificate provided from HubSpot is vulnerable to a SWEET32 attack. See https://sweet32.info/

This is a high vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2016-2183

0 Likes
1 Accepted Solution
kvlschaefer
Solution
Community Manager

Hi @KSorensen7,

Thanks for reaching out!

This has already been mitigated by Cloudflare, which is documented toward the end of this page. For additional context, Cloudflare is our Content Delivery Network, which is used to protect our websites and services from hackers and to speed up the performance of our customers' websites.

I wanted to share this snippet from the linked website with you:

"A vulnerability in the use of the Triple DES (3DES) encryption algorithm in the Transport Layer Security (TLS) protocol. Sweet32 is currently a proof of concept attack, there are no known examples of this in the wild. Cloudflare has manually mitigated the vulnerability for TLS 1.0 in the following manner:

  • attacker must collect 32GB of data from a single TLS session
  • Cloudflare forces new TLS 1.0 session keys on the affected 3DES cipher well before 32GB of data is collected"

If you would like to test the protections built into the HubSpot platform using a fully-featured free trial, it is possible to test within the guidelines of our bug bounty program. For more info about HubSpot bug bounty and the guidelines, please visit https://bugcrowd.com/hubspot

Thank you,

Kristen



0 Likes
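
The arithmetic behind the 32GB figure and the re-keying mitigation quoted in the answer above, as an added example that is not part of the original thread or of Cloudflare's documentation. It uses the standard birthday bound for a 64-bit block cipher; the 1 GiB re-key threshold is an assumed value for illustration, since the page says only "well before 32GB".

```python
import math

GIB = 2 ** 30
BLOCK_BITS_3DES = 64    # 3DES encrypts 64-bit (8-byte) blocks
BLOCK_BITS_AES = 128    # AES encrypts 128-bit blocks, shown for comparison
ASSUMED_REKEY_BYTES = 1 * GIB   # assumption: the page gives no actual threshold


def blocks(data_bytes, block_bits):
    """Number of cipher blocks needed to encrypt data_bytes."""
    return data_bytes * 8 // block_bits


def collision_probability(data_bytes, block_bits):
    """Birthday-bound chance of at least one repeated ciphertext block under one key."""
    n = blocks(data_bytes, block_bits)
    # p = 1 - exp(-n(n-1) / 2^(b+1)); expm1 keeps precision when p is tiny.
    return -math.expm1(-(n * (n - 1)) / 2 ** (block_bits + 1))


def expected_collisions(total_bytes, rekey_bytes, block_bits):
    """Expected colliding block pairs when the key changes every rekey_bytes.

    Only two blocks encrypted under the same key can collide usefully,
    so each key's share of the traffic is counted separately.
    """
    def pairs(nbytes):
        n = blocks(nbytes, block_bits)
        return n * (n - 1) // 2

    full_segments, remainder = divmod(total_bytes, rekey_bytes)
    total_pairs = full_segments * pairs(rekey_bytes) + pairs(remainder)
    return total_pairs / 2 ** block_bits


if __name__ == "__main__":
    volume = 32 * GIB   # 2^32 blocks of 8 bytes: the "32GB" in the quoted text
    print("3DES blocks in 32 GiB: 2^%d" % math.log2(blocks(volume, BLOCK_BITS_3DES)))
    for label, size, bits in [
        ("3DES, one key for 32 GiB", volume, BLOCK_BITS_3DES),
        ("3DES, re-keyed at 1 GiB ", ASSUMED_REKEY_BYTES, BLOCK_BITS_3DES),
        ("AES,  one key for 32 GiB", volume, BLOCK_BITS_AES),
    ]:
        print(f"{label}: P(collision per key) = {collision_probability(size, bits):.3g}")
    for rekey in (volume, ASSUMED_REKEY_BYTES):
        e = expected_collisions(volume, rekey, BLOCK_BITS_3DES)
        print(f"32 GiB total, key changed every {rekey // GIB} GiB: {e:.4f} expected collisions")
```

Under the assumed 1 GiB threshold, the expected number of same-key collisions over 32 GiB of traffic drops by a factor of 32, because collisions grow with the square of the data encrypted under one key.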