Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-1968

Опубликовано: 09 сент. 2020
Источник: redhat
CVSS3: 5.9
EPSS Низкий

Описание

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).

A flaw was found in openssl in versions 1.0.2 to 1.0.2w. A Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The highest threat from this vulnerability is to data confidentiality.

Отчет

openssl 1.1.0i as bundled in the ovmf package shipped with Red Hat Enterprise Linux 7 supplementary rpms is not affected by this flaw. openssl 1.1.1 as shipped in Red Hat Enterprise Linux 8 is also not affected. Red Hat Advanced Cluster Management for Kubernetes does not use the vulnerable cipher suites, so it is not impacted by this flaw.

Меры по смягчению последствий

In OpenSSL 1.0.2e and below, this flaw can be mitigated by not enabling any ciphersuites with Diffie Hellman (DH), excluding ciphersuites using Elliptic Curve Diffie Hellman (ECDH). In OpenSSL 1.0.2f and above, this flaw can be mitigated by not enabling static DH ciphersuites. Such ciphersuites start with DH- in OpenSSL and are mapped to IANA names that start with TLS_DH_, excluding ciphersuites that start with TLS_DH_anon. Following this convention, we see that DH-RSA-AES256-GCM-SHA384 with IANA name TLS_DH_RSA_WITH_AES_256_GCM_SHA384 is affected and should not be used in a mitigation of this flaw. However, ECDH-RSA-AES128-GCM-SHA256 with IANA name TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 is not affected and may be used in a mitigation to this flaw, as it does not follow the DH- or TLS_DH_ naming convention.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Advanced Cluster Management for Kubernetes 2opensslNot affected
Red Hat Enterprise Linux 5opensslOut of support scope
Red Hat Enterprise Linux 5openssl097aOut of support scope
Red Hat Enterprise Linux 6opensslOut of support scope
Red Hat Enterprise Linux 6openssl098eOut of support scope
Red Hat Enterprise Linux 7opensslFix deferred
Red Hat Enterprise Linux 7openssl098eFix deferred
Red Hat Enterprise Linux 7ovmfNot affected
Red Hat Enterprise Linux 8compat-openssl10Fix deferred
Red Hat Enterprise Linux 8mingw-opensslFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-385->CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1877458openssl: Information exposure when DH secret are reused across multiple TLS connections

EPSS

Процентиль: 74%
0.00844
Низкий

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-1968

CVSS3: 3.7
ubuntu
больше 5 лет назад

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).

nvd логотип

CVE-2020-1968

CVSS3: 3.7
nvd
больше 5 лет назад

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).

debian логотип

CVE-2020-1968

CVSS3: 3.7
debian
больше 5 лет назад

The Raccoon attack exploits a flaw in the TLS specification which can ...

suse-cvrf логотип

SUSE-SU-2020:14511-1

suse-cvrf
больше 5 лет назад

Security update for openssl1

suse-cvrf логотип

SUSE-SU-2020:14491-1

suse-cvrf
больше 5 лет назад

Security update for openssl

EPSS

Процентиль: 74%
0.00844
Низкий

5.9 Medium

CVSS3