Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2002-20001
HistoryNov 11, 2021 - 7:15 p.m.

CVE-2002-20001

2021-11-1119:15:07
CWE-400
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.011 Low

EPSS

Percentile

84.3%

JSON

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Affected configurations

NVD
Node
balasysdheaterMatch-
Node
siemensscalance_w1750d_firmware
AND
siemensscalance_w1750dMatch-
Node
suselinux_enterprise_serverMatch11-
OR
suselinux_enterprise_serverMatch12-
OR
suselinux_enterprise_serverMatch15
Node
f5big-ip_access_policy_managerRange13.1.017.1.0
OR
f5big-ip_advanced_firewall_managerRange13.1.017.1.0
OR
f5big-ip_advanced_web_application_firewallRange13.1.017.1.0
OR
f5big-ip_analyticsRange13.1.017.1.0
OR
f5big-ip_application_acceleration_managerRange13.1.017.1.0
OR
f5big-ip_application_security_managerRange13.1.017.1.0
OR
f5big-ip_application_visibility_and_reportingRange13.1.017.1.0
OR
f5big-ip_carrier-grade_natRange13.1.017.1.0
OR
f5big-ip_ddos_hybrid_defenderRange13.1.017.1.0
OR
f5big-ip_domain_name_systemRange13.1.017.1.0
OR
f5big-ip_edge_gatewayRange13.1.017.1.0
OR
f5big-ip_fraud_protection_serviceRange13.1.017.1.0
OR
f5big-ip_global_traffic_managerRange13.1.017.1.0
OR
f5big-ip_link_controllerRange13.1.017.1.0
OR
f5big-ip_local_traffic_managerRange13.1.017.1.0
OR
f5big-ip_policy_enforcement_managerRange13.1.017.1.0
OR
f5big-ip_service_proxyMatch1.6.0kubernetes
OR
f5big-ip_ssl_orchestratorRange13.1.017.1.0
OR
f5big-ip_webacceleratorRange13.1.017.1.0
OR
f5big-ip_websafeRange13.1.017.1.0
OR
f5big-iq_centralized_managementRange8.0.08.2.0
OR
f5big-iq_centralized_managementMatch7.1.0
OR
f5f5os-aMatch1.3.0
OR
f5f5os-aMatch1.3.1
OR
f5f5os-cRange1.3.01.3.2
OR
f5f5os-cMatch1.5.0
OR
f5f5os-cMatch1.5.1
OR
f5traffix_signaling_delivery_controllerMatch5.1.0
OR
f5traffix_signaling_delivery_controllerMatch5.2.0
Node
hpearubaos-cxRange10.06.000010.06.0180
OR
hpearubaos-cxRange10.07.000010.07.0030
OR
hpearubaos-cxRange10.08.000010.08.0010
OR
hpearubaos-cxRange10.09.000010.09.0002
AND
hpearuba_cx_4100iMatch-
OR
hpearuba_cx_6100Match-
OR
hpearuba_cx_6200fMatch-
OR
hpearuba_cx_6200mMatch-
OR
hpearuba_cx_6300fMatch-
OR
hpearuba_cx_6300mMatch-
OR
hpearuba_cx_6405Match-
OR
hpearuba_cx_6410Match-
OR
hpearuba_cx_8320Match-
OR
hpearuba_cx_8325-32cMatch-
OR
hpearuba_cx_8325-48y8cMatch-
OR
hpearuba_cx_8360-12cMatch-
OR
hpearuba_cx_8360-16y2cMatch-
OR
hpearuba_cx_8360-24xf2cMatch-
OR
hpearuba_cx_8360-32y4cMatch-
OR
hpearuba_cx_8360-48xt4cMatch-
OR
hpearuba_cx_8360-48y6cMatch-
OR
hpearuba_cx_8400Match-
Node
stormshieldstormshield_management_centerRange<3.3.3
OR
stormshieldstormshield_network_securityRange2.7.04.3.16
OR
stormshieldstormshield_network_securityRange4.4.04.6.3

Related

cve 2
cvelist 2
openvas 3
nessus 3
nvd 1
prion 1
ubuntucve 1
f5 1
avleonov 1
ics 1
cve
cve
CVE-2002-20001
2021-11-11 19:15:07
CVE-2022-40735
2022-11-14 23:15:11
cvelist
cvelist
CVE-2002-20001
2021-11-11 00:00:00
CVE-2022-40735
2022-11-14 00:00:00
openvas
openvas
SSL/TLS: Report Supported Cipher Suites
2014-03-06 00:00:00
Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSL/TLS, D(HE)ater)
2021-12-16 00:00:00
Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSH, D(HE)ater)
2021-12-16 00:00:00
nessus
nessus
F5 Networks BIG-IP : Diffie-Hellman key agreement protocol weaknesses (K83120834)
2022-05-19 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2023:2470-1)
2023-06-09 00:00:00
Siemens SCALANCE W1750D Uncontrolled Resource Consumption (CVE-2002-20001)
2023-05-24 00:00:00
nvd
nvd
CVE-2022-40735
2022-11-14 23:15:11
prion
prion
Design/Logic Flaw
2022-11-14 23:15:00
ubuntucve
ubuntucve
CVE-2022-40735
2022-11-14 00:00:00
f5
f5
K83120834 : Diffie-Hellman key agreement protocol weaknesses CVE-2002-20001 & CVE-2022-40735
2022-05-19 00:00:00
avleonov
avleonov
VMconf 22: Blindspots in the Knowledge Bases of Vulnerability Scanners
2022-02-18 17:00:42
ics
ics
Siemens SCALANCE W1750D
2022-11-10 12:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.011 Low

EPSS

Percentile

84.3%

JSON
Related for NVD:CVE-2002-20001
cve2cvelist2openvas3nessus3nvd1prion1ubuntucve1f51avleonov1ics1