CVE-2020-1968

Published Sep 9, 2020

Last updated 2 months ago

CVSS low 3.7

Overview

Description: The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).
Source: openssl-security@openssl.org
NVD status: Modified
Products: openssl, ubuntu_linux, debian_linux, jd_edwards_world_security, peoplesoft_enterprise_peopletools, ethernet_switch_es2-64_firmware, ethernet_switch_es2-72_firmware, m10-1_firmware, m10-4_firmware, m10-4s_firmware, m12-1_firmware, m12-2_firmware, m12-2s_firmware, ethernet_switch_es1-24_firmware, ethernet_switch_tor-72_firmware

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.7
Impact score: 1.4
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: LOW

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-203
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-203

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A05055C5-49F7-4B9F-B2DC-D192296C41F0",
            "versionEndIncluding": "1.0.2v",
            "versionStartIncluding": "1.0.2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
            "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "0B1CAD50-749F-4ADB-A046-BF3585677A58",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
            "matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
            "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
            "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:ethernet_switch_es2-64_firmware:2.0.0.14:*:*:*:*:*:*:*",
            "matchCriteriaId": "8B0403A9-E552-48CA-9CD5-31B48684FF70",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:oracle:ethernet_switch_es2-64:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "D4AB93AB-A30F-40AE-8246-10036FF077FE",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:ethernet_switch_es2-72_firmware:2.0.0.14:*:*:*:*:*:*:*",
            "matchCriteriaId": "4F58DF8F-5478-4E00-BF9D-14BA3B79DA99",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:oracle:ethernet_switch_es2-72:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "0D4E5146-C8E3-40D2-93D9-F9E85768A5B4",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9C3CF24D-2DE4-4E3B-B36E-D952D0E65E0B",
            "versionEndExcluding": "xcp2400",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9F742415-8605-4B83-9410-BDA07BABF740",
            "versionEndExcluding": "xcp2400",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "4E9ED009-8D47-430C-9F59-EE09ECF2299E",
            "versionEndExcluding": "xcp2400",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9AB0DC35-F821-49BA-A5F1-45DD086915B0",
            "versionEndExcluding": "xcp2400",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "6DF75FC1-C88D-45DA-BBD0-7EB0B9EED343",
            "versionEndExcluding": "xcp2400",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9762A1D1-ED90-4E9C-B672-2499ABA48C46",
            "versionEndExcluding": "xcp2400",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "4D2AB72D-52FB-4D23-95FD-D10958F8B936",
            "versionEndExcluding": "xcp3100",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "B1198FC6-A33A-4F4D-9643-51DEE8D46E17",
            "versionEndExcluding": "xcp3100",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "12F2A182-B9A0-4011-9791-435C5709E313",
            "versionEndExcluding": "xcp3100",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "B037D0E6-B857-4539-ADDC-FE2ADC2B0C2F",
            "versionEndExcluding": "xcp3100",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "968A6DC3-9E0B-4FBD-8AAB-2ECD8CE47D23",
            "versionEndExcluding": "xcp3100",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C219921D-966D-4EAC-A129-9D4BFE6FCD36",
            "versionEndExcluding": "xcp3100",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:ethernet_switch_es1-24_firmware:1.3.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "EDA6CD79-6D03-44C6-BA41-F190E5037EF3",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:oracle:ethernet_switch_es1-24:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "62136C7B-992F-4889-9394-B233533636E3",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:ethernet_switch_tor-72_firmware:1.2.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "FCDF5167-832D-4483-AD01-6534111196FB",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:oracle:ethernet_switch_tor-72:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "03657F1F-618B-479D-AD29-BB58AF1A3819",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

Related CVEs

References