Source: wikibot/drown-attack
= DROWN attack
{wiki=DROWN_attack}
The DROWN attack (Decrypting RSA with Obsolete and Weakened eNcryption) is a security vulnerability that affects servers supporting both the HTTPS protocol (using SSL/TLS) and the outdated SSLv2 protocol. Discovered in 2016, the DROWN attack takes advantage of weaknesses in the SSLv2 protocol to decrypt data intercepted from secure connections.