COS-General

Has HubSpot addressed the the SSL 'Freak' vulnerability?

Last updated: November 29, 2016

The ‘FREAK,’ vulnerability (CVE-2015-0204), allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography. This export-grade cryptography includes out-of-date encryption key lengths that can then easily be decrypted. To be clear, this vulnerability does not affect SSL Certificates and does not require any action related to certificate management. With that said, HubSpot has already rolled out server side fixes to the secure network.

For more information on the ‘FREAK,’ vulnerability (CVE-2015-0204), please review the helpful resources linked below.