The host is installed with Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows 7, 8 or 8.1 and is prone to a tls triple handshake vulnerability. A flaw is present in the application, which fails to properly extend master secret binding support to all supported version of TLS. Successful exploitation could allow an attacker to impersonate a victim on any other server that uses the same credentials as those used between the client and server where the attack is initiated.