A TLS/SSL vulnerability was announced yesterday, titled FREAK (Factoring Attack on RSA-EXPORT Keys, CVE-2015-0204). Much like POODLE and other recent TLS/SSL attacks, this vulnerability affects certain SSL clients (particularly older web browsers), as well as misconfigured web servers and web delivery services.
Instart Logic customers on our software-defined application delivery service (SDAD) are not vulnerable to the FREAK attack as our network is configured to disable these weak encryption protocols.
While the Instart Logic service is not vulnerable to this attack, customers’ origin servers may still be vulnerable. We encourage all our customers to assess their origin servers and other devices and take steps to remediate this vulnerability if it is present. To determine whether your web server is vulnerable, you can use the following OpenSSL command, substituting your website name for “www.instartlogic.com”:
openssl s_client -cipher EXPORT -connect www.instartlogic.com:443
Vulnerable servers will return a server certificate, while servers that are not vulnerable will return an error.
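To run the same check across several origin servers, the following script wraps the command above and classifies its output. It is an added example, not Instart Logic's own tooling. The function names and the OpenSSL message strings it matches are assumptions. It also reports when the local OpenSSL build has no export ciphers, since such a client fails before it ever tests the server.

```shell
#!/bin/sh
# Added example: batch version of the manual EXPORT-cipher check for origin servers.
# The output patterns matched below are assumptions about OpenSSL's messages.

# Classify the text printed by `openssl s_client -cipher EXPORT` (read from stdin).
classify_freak() {
  out=$(cat)
  case "$out" in
    *"no cipher match"*)              echo "INCONCLUSIVE_CLIENT" ;;  # local build lacks EXPORT ciphers
    *"-----BEGIN CERTIFICATE-----"*)  echo "VULNERABLE" ;;           # server completed an EXPORT handshake
    *"handshake failure"*)            echo "NOT_VULNERABLE" ;;       # server refused the EXPORT ciphers
    *)                                echo "INCONCLUSIVE" ;;         # refused connection, timeout, DNS, ...
  esac
}

# Run the page's command against one host and classify the result.
check_host() {
  # A client built without export ciphers cannot offer them, so any error
  # it reports says nothing about the server.
  if ! openssl ciphers EXPORT >/dev/null 2>&1; then
    echo "INCONCLUSIVE_CLIENT"
    return 0
  fi
  openssl s_client -cipher EXPORT -connect "$1:443" </dev/null 2>&1 | classify_freak
}

# Constructed sample outputs (not captured from a real server).
SAMPLE_ACCEPTED='CONNECTED(00000003)
-----BEGIN CERTIFICATE-----
(constructed placeholder, not a real certificate)
-----END CERTIFICATE-----
    Cipher    : EXP-RC4-MD5'
SAMPLE_REFUSED='CONNECTED(00000003)
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure'

# With hostnames as arguments, check each one; with none, classify the samples.
if [ "$#" -gt 0 ]; then
  for host in "$@"; do
    printf '%s\t%s\n' "$host" "$(check_host "$host")"
  done
else
  printf 'sample accepted\t%s\n' "$(printf '%s\n' "$SAMPLE_ACCEPTED" | classify_freak)"
  printf 'sample refused\t%s\n' "$(printf '%s\n' "$SAMPLE_REFUSED" | classify_freak)"
fi
```

An INCONCLUSIVE_CLIENT result means the check should be rerun from a machine whose OpenSSL build still includes export ciphers.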
Instart Logic is committed to protecting our customers. We continually monitor and deploy the latest and most innovative encryption techniques to ensure that our customers are always secure.
If you have any questions, please contact Support at email@example.com or via phone at 1.888.576.3166 or +1.650.919.8854.