Lucene search

[email protected]CVE-2002-20001

HistoryNov 11, 2021 - 7:15 p.m.

CVE-2002-20001

2021-11-1119:15:00

CWE-400

[email protected]

web.nvd.nist.gov

178

diffie-hellman

key agreement

remote attack

dhe

modular-exponentiation

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.9%

JSON

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

CPENameOperatorVersion
balasys:dheaterbalasys dheatereq-
siemens:scalance_w1750d_firmwaresiemens scalance w1750d firmwareeq*
suse:linux_enterprise_serversuse linux enterprise servereq15
suse:linux_enterprise_serversuse linux enterprise servereq11
suse:linux_enterprise_serversuse linux enterprise servereq12
f5:big-iq_centralized_managementf5 big-iq centralized managementeq7.1.0
f5:traffix_signaling_delivery_controllerf5 traffix signaling delivery controllereq5.2.0
f5:traffix_signaling_delivery_controllerf5 traffix signaling delivery controllereq5.1.0
f5:big-iq_centralized_managementf5 big-iq centralized managementle8.2.0
f5:big-ip_service_proxyf5 big-ip service proxyeq1.6.0

CPE	Name	Operator	Version
balasys:dheater	balasys dheater	eq	-
siemens:scalance_w1750d_firmware	siemens scalance w1750d firmware	eq	*
suse:linux_enterprise_server	suse linux enterprise server	eq	15
suse:linux_enterprise_server	suse linux enterprise server	eq	11
suse:linux_enterprise_server	suse linux enterprise server	eq	12
f5:big-iq_centralized_management	f5 big-iq centralized management	eq	7.1.0
f5:traffix_signaling_delivery_controller	f5 traffix signaling delivery controller	eq	5.2.0
f5:traffix_signaling_delivery_controller	f5 traffix signaling delivery controller	eq	5.1.0
f5:big-iq_centralized_management	f5 big-iq centralized management	le	8.2.0
f5:big-ip_service_proxy	f5 big-ip service proxy	eq	1.6.0

Rows per page:

1-10 of 411

References

cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf

dheatattack.com

dheatattack.gitlab.io/

github.com/Balasys/dheater

github.com/mozilla/ssl-config-generator/issues/162

gitlab.com/dheatattack/dheater

ieeexplore.ieee.org/document/10374117

support.f5.com/csp/article/K83120834

www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt

www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/

www.reddit.com/r/netsec/comments/qdoosy/server_overload_by_enforcing_dhe_key_exchange/

www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol

www.suse.com/support/kb/doc/?id=000020510

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for CVE-2002-20001

nessus3 f51 prion1 ubuntucve1 openvas2 cve1 avleonov1 ics1