The host is installed with OpenSSL before 0.9.8j and is prone to security bypass vulnerability. A flaw is present in the application, which does not prevent modification of the ciphersuite in the session cache. Successful exploitation could allow remote attackers to force the use of a disabled cipher via vectors involving sniffing network traffic.