Unknown
CVE-2002-20001
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2002-20001
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Products
- arubaos-cx,
- big-ip access policy manager,
- big-ip advanced firewall manager,
- big-ip advanced web application firewall,
- big-ip analytics,
- big-ip application acceleration manager,
- big-ip application security manager,
- big-ip application visibility and reporting,
- big-ip carrier-grade nat,
- big-ip ddos hybrid defender,
- big-ip domain name system,
- big-ip edge gateway,
- big-ip fraud protection service,
- big-ip global traffic manager,
- big-ip link controller,
- big-ip local traffic manager,
- big-ip policy enforcement manager,
- big-ip service proxy 1.6.0,
- big-ip ssl orchestrator,
- big-ip webaccelerator,
- big-ip websafe,
- big-iq centralized management,
- big-iq centralized management 7.1.0,
- dheater -,
- f5os-a 1.3.0,
- f5os-a 1.3.1,
- f5os-c,
- f5os-c 1.5.0,
- f5os-c 1.5.1,
- linux enterprise server 11,
- linux enterprise server 12,
- linux enterprise server 15,
- scalance w1750d firmware,
- stormshield management center,
- stormshield network security,
- traffix signaling delivery controller 5.1.0,
- traffix signaling delivery controller 5.2.0
References
Miscellaneous
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
