ID CVE-2020-1968
Summary The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).
References
Vulnerable Configurations
  • cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2n:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2o:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2p:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2q:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2r:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2s:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2t:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2u:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2v:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:ethernet_switch_es2-64_firmware:2.0.0.14:*:*:*:*:*:*:*
  • cpe:2.3:h:oracle:ethernet_switch_es2-64:-:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:ethernet_switch_es2-72_firmware:2.0.0.14:*:*:*:*:*:*:*
  • cpe:2.3:h:oracle:ethernet_switch_es2-72:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:xcp:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:xcp2280:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:xcp2361:*:*:*:*:*:*:*
  • cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:xcp:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:xcp2280:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:xcp2361:*:*:*:*:*:*:*
  • cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:xcp:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:xcp2280:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:xcp2361:*:*:*:*:*:*:*
  • cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-1_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-1_firmware:xcp2361:*:*:*:*:*:*:*
  • cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2_firmware:xcp2361:*:*:*:*:*:*:*
  • cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2s_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2s_firmware:xcp2361:*:*:*:*:*:*:*
  • cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:xcp2400:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:xcp2410:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-1_firmware:xcp3070:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:xcp2400:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:xcp2410:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4_firmware:xcp3070:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:xcp2400:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:xcp2410:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m10-4s_firmware:xcp3070:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-1_firmware:xcp2400:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-1_firmware:xcp2410:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-1_firmware:xcp3070:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-1_firmware:xcp3090:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2_firmware:xcp2400:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2_firmware:xcp2410:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2_firmware:xcp3070:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2_firmware:xcp3090:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2s_firmware:xcp2400:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2s_firmware:xcp2410:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2s_firmware:xcp3070:*:*:*:*:*:*:*
  • cpe:2.3:o:fujitsu:m12-2s_firmware:xcp3090:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:ethernet_switch_es1-24_firmware:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:h:oracle:ethernet_switch_es1-24:-:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:ethernet_switch_tor-72_firmware:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:h:oracle:ethernet_switch_tor-72:-:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 21-11-2022 - 19:48)
Impact:
Exploitability:
CWE CWE-203
CAPEC
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
refmap via4
confirm
misc https://www.oracle.com/security-alerts/cpujan2021.html
mlist [debian-lts-announce] 20200925 [SECURITY] [DLA 2378-1] openssl1.0 security update
ubuntu USN-4504-1
Last major update 21-11-2022 - 19:48
Published 09-09-2020 - 14:15
Last modified 21-11-2022 - 19:48