Lucene search
Redhat.comRH:CVE-2020-12413HistorySep 09, 2020 - 8:46 p.m.
CVE-2020-12413
2020-09-0920:46:29
redhat.com
access.redhat.com
13
0.001 Low
EPSS
Percentile
48.2%
A flaw was found in Mozilla nss. A raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman(DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The highest threat from this vulnerability is to data confidentiality.
Mitigation
Any risk involving the ECDHE key reuse on the nss server can be mitigated by setting the SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE.
Related
prion
prion
Design/Logic Flaw
2023-02-16 22:15:00
ubuntucve
ubuntucve
CVE-2020-12413
2023-02-16 00:00:00
cve
cve
CVE-2020-12413
2023-02-16 22:15:10
cvelist
cvelist
CVE-2020-12413
2023-02-16 00:00:00
debiancve
debiancve
CVE-2020-12413
2023-02-16 22:15:10
f5
f5
K28409184 : Mozilla NSS vulnerability CVE-2020-12413
2021-09-14 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2020-24) - Mac OS X
2020-07-02 00:00:00
Mozilla Firefox Security Advisory (MFSA2020-24) - Linux
2021-11-08 00:00:00
Mozilla Firefox Security Advisory (MFSA2020-24) - Windows
2020-07-02 00:00:00
nessus
nessus
RHEL 5 : nss (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : nss (Unpatched Vulnerability)
2024-05-11 00:00:00