During a penetration test, a consultant inserts a proxy between a client and an internal web server. By tampering with the TLS handshake messages, the consultant succeeds in forcing both endpoints to negotiate the outdated SSL 3.0 protocol instead of TLS 1.3. Exploiting weaknesses in the older protocol, the consultant is able to decrypt session data. Which type of attack was performed?
A downgrade attack deliberately interferes with the protocol negotiation so that both parties fall back to an older, less secure protocol version or algorithm. Once the security level is lowered, the known vulnerabilities or short key lengths of the weaker option can be exploited to compromise confidentiality or integrity. A replay attack merely resends captured packets without changing the negotiated cipher. A man-in-the-middle attack intercepts traffic but does not necessarily coerce a weaker protocol. A buffer overflow targets memory handling, not cryptographic negotiation.