ID CVE-2018-12404
Summary A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.22:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.22:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.22.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.22.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.22.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.23:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.23:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.24:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.24:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.25:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.25:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.26:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.26:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.30:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.30:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.30.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.30.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.30.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.30.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.31:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.31:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.31.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.31.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.32:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.32:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.33:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.33:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.34:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.34:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.34.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.34.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.35:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.35:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.36:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.36:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.36.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.36.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.36.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.36.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.36.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.36.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.37:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.37:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.37.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.37.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.37.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.37.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.38:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.38:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.39:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.39:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 20-07-2019 - 12:15)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
refmap via4
bid 107260
misc https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12404
Last major update 20-07-2019 - 12:15
Published 02-05-2019 - 17:29
Back to Top