CVE-2002-20001
Published Nov 11, 2021
Last updated 7 months ago
Overview
- Description
- The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-400
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:balasys:dheater:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE3F88FC-F039-433B-9035-88F1691DA082"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "065280B2-6EC1-4721-B3D7-EDE44ED4F5BD"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FBC30055-239F-4BB1-B2D1-E5E35F0D8911"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70A029CD-2AC4-4877-B1A4-5C72B351BA27"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE73DAA2-9CCA-4BD6-B11A-9326F79D9ABB",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "475E283C-8F3C-4051-B9E8-349845F8C528",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "956AC9F3-2042-4C21-A5E4-D2D4334D2FC3",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E17DBD3E-F5AC-4A35-81E0-C4804CAD78F9",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "346B71B1-D583-4463-ADF8-BEE700B0CA3A",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2AA25BA-72C5-48A9-BDBC-CA108208011F",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "308B0070-6716-4754-A5E4-C3D70CAB376B",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F26AB06-7FEB-4A56-B722-DBDEEE628DB8",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE48C9C9-6B84-4A4A-963D-6DFE0C2FB312",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "878CD8E6-6B9B-431D-BD15-F954C7B8076F",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D9DB9B9-2959-448E-9B59-C873584A0E11",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AF04191-019B-4BC9-A9A7-7B7AA9B5B7D1",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F62D754D-A4A1-4093-AB42-9F51C19976CA",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90084CD6-FA4B-4305-BC65-58237BAF714E",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC9D4626-915F-42E5-81E0-6F8271084773",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7056F1FA-24AC-4D9F-8DDC-B3CA4740BF5E",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_service_proxy:1.6.0:*:*:*:*:kubernetes:*:*",
"vulnerable": true,
"matchCriteriaId": "BC5AC8C7-92BA-48D4-81A1-F5323DA952A9"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E48AC50D-19B3-4E97-ADD2-B661BD891ED7",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B13C4244-BE15-4F2C-BBBA-35072571B041",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1B4FBF6-C23A-4BD2-ADFB-9617C03B603A",
"versionEndIncluding": "17.1.0",
"versionStartIncluding": "13.1.0"
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "360D8842-2C55-450F-9AFA-09CA34B12598",
"versionEndIncluding": "8.2.0",
"versionStartIncluding": "8.0.0"
},
{
"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:7.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA0B396A-B5CE-4337-A33A-EF58C4589CB3"
},
{
"criteria": "cpe:2.3:a:f5:f5os-a:1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4A3C86A-CA2F-4AC8-A43E-765829A96147"
},
{
"criteria": "cpe:2.3:a:f5:f5os-a:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03E01235-F9B0-4CCF-AA08-FECF61C62B21"
},
{
"criteria": "cpe:2.3:a:f5:f5os-c:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BFAE8EC-9A5F-421D-990D-B6D454DECAEC",
"versionEndIncluding": "1.3.2",
"versionStartIncluding": "1.3.0"
},
{
"criteria": "cpe:2.3:a:f5:f5os-c:1.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC3EDB8D-5C16-49DF-BE48-C83744AD7788"
},
{
"criteria": "cpe:2.3:a:f5:f5os-c:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12FEEABD-9A4A-4A33-9B74-7B053352C47D"
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42836A1C-81BB-4F80-9E32-EEE0DAA18D26"
},
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA4D5EC6-8099-4D0A-AD6F-BA3B37C2EBD8"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B3AD582-9909-4FF5-B541-571F18E22356",
"versionEndExcluding": "10.06.0180",
"versionStartIncluding": "10.06.0000"
},
{
"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21F81EB2-3916-4DC6-9600-B7FD17906B53",
"versionEndExcluding": "10.07.0030",
"versionStartIncluding": "10.07.0000"
},
{
"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71284AA8-9E0E-4B2F-8464-B49E1D6965B5",
"versionEndExcluding": "10.08.0010",
"versionStartIncluding": "10.08.0000"
},
{
"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F059E5A9-E613-4BE1-BF61-C477B3441175",
"versionEndExcluding": "10.09.0002",
"versionStartIncluding": "10.09.0000"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_4100i:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B7C2B56C-203F-4290-BCE7-8BD751DF9CEF"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FF1DD310-3D31-4204-92E0-70C33EE44F08"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6200f:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FCD1A83B-109B-4596-AE37-706751E2B57D"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6200m:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1218AAA5-01ED-4D89-A7AE-A600356ABD46"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6300f:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D6F748F-89E9-45FB-8BE7-2201E5EB2755"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6300m:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8066A871-2683-4F74-9750-E73BF004209F"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6405:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D118A9A6-BBA4-4149-AE0D-1DA2EB45B53F"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_6410:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "790C5E7A-3405-4873-83E8-4D9C0FEC5E6D"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8320:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "10B5F18A-28B0-49B4-8374-C681C2B48D2A"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8325-32c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "59B7E2D3-0B72-4A78-AEFA-F106FAD38156"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8325-48y8c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7E87A92B-4EE5-4235-A0DA-195F27841DBB"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8360-12c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6BC24E52-13C0-402F-9ABF-A1DE51719AEF"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8360-16y2c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "76EF979E-061A-42A3-B161-B835E92ED180"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8360-24xf2c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DE04919C-9289-4FB3-938F-F8BB15EC6A74"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8360-32y4c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B630C64B-C474-477D-A80B-A0FB73ACCC49"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8360-48xt4c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "53ABE8B8-A4F6-400B-A893-314BE24D06B8"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8360-48y6c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C44383CC-3751-455E-B1AB-39B16F40DC76"
},
{
"criteria": "cpe:2.3:h:hpe:aruba_cx_8400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B25A9CD2-5E5F-4BDB-8707-5D6941411A2B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62A933C5-C56E-485C-AD49-3B6A2C329131",
"versionEndExcluding": "3.3.3"
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7387F52-013D-432D-87D8-5D3ABD472C9E",
"versionEndExcluding": "4.3.16",
"versionStartIncluding": "2.7.0"
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8A23A5D-928A-4225-9C93-31E5DFE215A7",
"versionEndExcluding": "4.6.3",
"versionStartIncluding": "4.4.0"
}
],
"operator": "OR"
}
]
}
]