SSL renegotiation is vulnerable to the man-in-the-middle attacks. It is disabled by default for all components except Analytics Server.
For information about how to disable it in Analytics Server, see Disabling SSL Renegotiations.