CVE-2002-20001

CVSS 7.5 · high

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

published 2021-11-11 · last modified 2025-08-22 · sources: fkie-cad

Scoring

CVSS v3.1 7.5 · high CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses

CWE-400

Affected products

balasys:dheater all versions

siemens:scalance_w1750d_firmware all versions

suse:linux_enterprise_server = 11

suse:linux_enterprise_server = 12

suse:linux_enterprise_server = 15

f5:big-ip_access_policy_manager >= 13.1.0, < 16.1.4

f5:big-ip_access_policy_manager >= 17.0.0, < 17.1.0

f5:big-ip_advanced_firewall_manager >= 13.1.0, <= 17.1.2

f5:big-ip_advanced_firewall_manager = 17.5.0

f5:big-ip_advanced_web_application_firewall >= 13.1.0, <= 17.1.2

f5:big-ip_advanced_web_application_firewall = 17.5.0

f5:big-ip_analytics >= 13.1.0, <= 17.1.2

f5:big-ip_analytics = 17.5.0

f5:big-ip_application_acceleration_manager >= 13.1.0, <= 17.1.2

f5:big-ip_application_acceleration_manager = 17.5.0

f5:big-ip_application_security_manager >= 13.1.0, <= 17.1.2

f5:big-ip_application_security_manager = 17.5.0

f5:big-ip_application_visibility_and_reporting >= 13.1.0, <= 17.1.2

f5:big-ip_application_visibility_and_reporting = 17.5.0

f5:big-ip_carrier-grade_nat >= 13.1.0, <= 17.1.2

f5:big-ip_carrier-grade_nat = 17.5.0

f5:big-ip_ddos_hybrid_defender >= 13.1.0, <= 17.1.2

f5:big-ip_ddos_hybrid_defender = 17.5.0

f5:big-ip_domain_name_system >= 13.1.0, <= 17.1.2

f5:big-ip_domain_name_system = 17.5.0

f5:big-ip_edge_gateway >= 13.1.0, <= 17.1.2

f5:big-ip_edge_gateway = 17.5.0

f5:big-ip_fraud_protection_service >= 13.1.0, <= 17.1.2

f5:big-ip_fraud_protection_service = 17.5.0

f5:big-ip_global_traffic_manager >= 13.1.0, <= 17.1.2

f5:big-ip_global_traffic_manager = 17.5.0

f5:big-ip_link_controller >= 13.1.0, <= 17.1.2

f5:big-ip_link_controller = 17.5.0

f5:big-ip_local_traffic_manager >= 13.1.0, <= 17.1.2

f5:big-ip_local_traffic_manager = 17.5.0

f5:big-ip_policy_enforcement_manager >= 13.1.0, <= 17.1.2

f5:big-ip_policy_enforcement_manager = 17.5.0

f5:big-ip_service_proxy = 1.6.0

f5:big-ip_ssl_orchestrator >= 13.1.0, <= 17.1.2

f5:big-ip_ssl_orchestrator = 17.5.0

f5:big-ip_webaccelerator >= 13.1.0, <= 17.1.2

f5:big-ip_webaccelerator = 17.5.0

f5:big-ip_websafe >= 13.1.0, <= 17.1.2

f5:big-ip_websafe = 17.5.0

f5:big-iq_centralized_management >= 8.0.0, <= 8.4.0

f5:big-iq_centralized_management = 7.1.0

f5:traffix_signaling_delivery_controller = 5.1.0

f5:traffix_signaling_delivery_controller = 5.2.0

f5:f5os-a >= 1.3.0, <= 1.3.2

f5:f5os-a >= 1.5.0, <= 1.5.3

f5:f5os-a = 1.8.0

f5:f5os-c >= 1.3.0, <= 1.3.2

f5:f5os-c >= 1.6.0, <= 1.6.2

f5:f5os-c = 1.5.0

f5:f5os-c = 1.5.1

f5:f5os-c = 1.8.0

f5:f5os-c = 1.8.1

hpe:arubaos-cx >= 10.06.0000, < 10.06.0180

hpe:arubaos-cx >= 10.07.0000, < 10.07.0030

hpe:arubaos-cx >= 10.08.0000, < 10.08.0010

hpe:arubaos-cx >= 10.09.0000, < 10.09.0002

stormshield:stormshield_management_center < 3.3.3

stormshield:stormshield_network_security >= 2.7.0, < 4.3.16

stormshield:stormshield_network_security >= 4.4.0, < 4.6.3

Resolve an exact build at /cpe/<vendor>/<product>/<version>.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf Third Party Advisory
https://dheatattack.com Third Party Advisory
https://dheatattack.gitlab.io/ Third Party Advisory
https://github.com/Balasys/dheater Product Third Party Advisory
https://github.com/mozilla/ssl-config-generator/issues/162 Issue Tracking
https://gitlab.com/dheatattack/dheater Third Party Advisory
https://ieeexplore.ieee.org/document/10374117 Technical Description Third Party Advisory
https://support.f5.com/csp/article/K83120834 Third Party Advisory
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt Technical Description Third Party Advisory
https://www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/ Third Party Advisory
https://www.reddit.com/r/netsec/comments/qdoosy/server_overload_by_enforcing_dhe_key_exchange/ Issue Tracking
https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol Exploit Technical Description
https://www.suse.com/support/kb/doc/?id=000020510 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf Third Party Advisory
https://dheatattack.com Third Party Advisory
https://dheatattack.gitlab.io/ Third Party Advisory
https://github.com/Balasys/dheater Product Third Party Advisory
https://github.com/mozilla/ssl-config-generator/issues/162 Issue Tracking
https://gitlab.com/dheatattack/dheater Third Party Advisory
https://ieeexplore.ieee.org/document/10374117 Technical Description Third Party Advisory
https://support.f5.com/csp/article/K83120834 Third Party Advisory
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt Technical Description Third Party Advisory
https://www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/ Third Party Advisory
https://www.reddit.com/r/netsec/comments/qdoosy/server_overload_by_enforcing_dhe_key_exchange/ Issue Tracking
https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol Exploit Technical Description
https://www.suse.com/support/kb/doc/?id=000020510 Third Party Advisory