Описание
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.
A vulnerability was found in the Diffie-Hellman Ephemeral (DHE) Key Agreement Protocol, where a malicious client can exploit the server's public key validation process. By forcing the server to use DHE and validating the order of public keys, the client can trigger expensive server-side modular exponentiation calculations. This issue results in asymmetric resource consumption, potentially leading to a denial of service (DoS) attack by overwhelming the server with computationally intensive operations.
Отчет
This vulnerability is classified with a Low severity rather than Moderate because it requires specific conditions to be exploitable. The attack depends on the server being configured to use DHE key exchange and perform public key order validation, which is not the default in many configurations. Additionally, while the attack can cause increased CPU usage, leading to a potential denial of service, it does not directly compromise the confidentiality, integrity, or availability of the data being exchanged. The impact is limited to resource exhaustion, and mitigations such as rate limiting, alternative key exchange methods, or disabling DHE can effectively reduce the attack surface, making it less impacted than issues that could lead to direct data breaches or system compromise.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/fluentd-rhel8 | Will not fix | ||
| Red Hat 3scale API Management Platform 2 | 3scale-amp-backend-container | Will not fix | ||
| Red Hat Enterprise Linux 10 | openssl | Will not fix | ||
| Red Hat Enterprise Linux 6 | openssl | Will not fix | ||
| Red Hat Enterprise Linux 7 | openssl | Will not fix | ||
| Red Hat Enterprise Linux 7 | ovmf | Will not fix | ||
| Red Hat Enterprise Linux 8 | compat-openssl10 | Will not fix | ||
| Red Hat Enterprise Linux 8 | mingw-openssl | Will not fix | ||
| Red Hat Enterprise Linux 8 | openssl | Will not fix | ||
| Red Hat Enterprise Linux 9 | compat-openssl11 | Will not fix |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.
Validating the order of the public keys in the Diffie-Hellman Key Agre ...
EPSS
5.9 Medium
CVSS3