CVE-2011-4747

Name of the Vulnerable Software and Affected Versions Parallels Plesk Panel version 10.3.1 build1013110726.09

Description The issue allows remote attackers to defeat cryptographic protection mechanisms via a crafted CipherSuite list because the billing system does not prevent the use of weak ciphers for SSL sessions.

Recommendations For Parallels Plesk Panel version 10.3.1 build1013110726.09, consider disabling the use of weak ciphers for SSL sessions as a temporary workaround until a patch is available. Restrict access to the billing system to minimize the risk of exploitation. Avoid using weak ciphers in the CipherSuite list until the issue is resolved.