Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-20001 | First vendor Publication | 2021-11-11 |
Vendor | Cve | Last vendor Modification | 2024-04-23 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.5 | ||
Base Score | 7.5 | Environmental Score | 7.5 |
impact SubScore | 3.6 | Temporal Score | 7.5 |
Exploitabality Sub Score | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | None |
Integrity Impact | None | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-20001 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
CPE : Common Platform Enumeration
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-04-23 13:27:33 |
|
2024-01-11 09:27:46 |
|
2023-10-20 01:02:01 |
|
2023-10-19 01:01:57 |
|
2023-09-30 00:27:44 |
|
2023-09-25 12:02:04 |
|
2023-08-16 21:28:18 |
|
2023-08-08 01:01:56 |
|
2023-07-19 12:02:17 |
|
2023-07-19 09:27:33 |
|
2023-05-16 21:27:36 |
|
2022-11-09 21:27:42 |
|
2022-11-08 17:27:32 |
|
2021-11-17 17:22:58 |
|
2021-11-12 21:22:53 |
|
2021-11-12 05:22:52 |
|
2021-11-12 00:22:51 |
|