var-201609-0068
Vulnerability from variot
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue. TLS is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. The TLS (Transport Layer Security) protocol is a set of protocols used to provide confidentiality and data integrity between two communicating applications. TLS protocol 1.2 and earlier versions are affected by this vulnerability. Because the attack depends on the fixed (EC)DH client-certificate types listed above and on the attacker knowing the private key of a client certificate installed on the victim, exposure is limited to clients that accept those ClientCertificateType values.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201609-0068", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "smi-s provider", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "host agent", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "solidfire \\\u0026 hci management node", "scope": "eq", "trust": 
1.0, "vendor": "netapp", "version": null }, { "model": "transport layer security", "scope": "lte", "trust": 1.0, "vendor": "ietf", "version": "1.2" }, { "model": "snapdrive", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "system setup", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "oncommand shift", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "plug-in for symantec netbackup", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "data ontap edge", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "snapprotect", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "snapmanager", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "snap creator framework", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "chrome", "scope": null, "trust": 0.8, "vendor": "google", "version": null }, { "model": "firefox", "scope": null, "trust": 0.8, "vendor": "mozilla", "version": null }, { "model": "opera", "scope": null, "trust": 0.8, "vendor": "opera asa", "version": null }, { "model": "safari", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "internet explorer", "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": "opera", "scope": null, "trust": 0.6, "vendor": "opera", "version": null }, { "model": "tls", "scope": "eq", "trust": 0.3, "vendor": "ietf", "version": "1.2" }, { "model": "tls", "scope": "eq", "trust": 0.3, "vendor": "ietf", "version": "1.1" }, { "model": "tls", "scope": "eq", "trust": 0.3, "vendor": "ietf", "version": "1.0" } ], "sources": [ { "db": "BID", "id": "93071" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "CNNVD", "id": 
"CNNVD-201609-496" }, { "db": "NVD", "id": "CVE-2015-8960" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:google:chrome", "vulnerable": true }, { "cpe22Uri": "cpe:/a:mozilla:firefox", "vulnerable": true }, { "cpe22Uri": "cpe:/a:opera:opera_browser", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:safari", "vulnerable": true }, { "cpe22Uri": "cpe:/a:microsoft:internet_explorer", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-007257" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "RISE GmbH", "sources": [ { "db": "BID", "id": "93071" } ], "trust": 0.3 }, "cve": "CVE-2015-8960", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": 
"CVE-2015-8960", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-86921", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.2, "id": "CVE-2015-8960", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "High", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.1, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2015-8960", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2015-8960", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2015-8960", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201609-496", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-86921", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2015-8960", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-86921" }, { "db": "VULMON", "id": 
"CVE-2015-8960" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "CNNVD", "id": "CNNVD-201609-496" }, { "db": "NVD", "id": "CVE-2015-8960" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the \"Key Compromise Impersonation (KCI)\" issue. TLS is prone to security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. TLS (full name Transport Layer Security) protocol is a set of protocols used to provide confidentiality and data integrity between two communication applications. 
There are security holes in TLS protocol 1.2 and earlier versions", "sources": [ { "db": "NVD", "id": "CVE-2015-8960" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "BID", "id": "93071" }, { "db": "VULHUB", "id": "VHN-86921" }, { "db": "VULMON", "id": "CVE-2015-8960" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-8960", "trust": 2.9 }, { "db": "BID", "id": "93071", "trust": 2.1 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/09/20/4", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2015-007257", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201609-496", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-86921", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2015-8960", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-86921" }, { "db": "VULMON", "id": "CVE-2015-8960" }, { "db": "BID", "id": "93071" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "CNNVD", "id": "CNNVD-201609-496" }, { "db": "NVD", "id": "CVE-2015-8960" } ] }, "id": "VAR-201609-0068", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-86921" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T22:30:57.799000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Firefox", "trust": 0.8, "url": "https://www.mozilla.org/ja/firefox/desktop/" }, { "title": "Opera", 
"trust": 0.8, "url": "http://www.opera.com/ja" }, { "title": "Safari", "trust": 0.8, "url": "http://www.apple.com/jp/safari/" }, { "title": "Internet Explorer", "trust": 0.8, "url": "https://support.microsoft.com/ja-jp/products/internet-explorer" }, { "title": "TLS protocol Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=64220" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "CNNVD", "id": "CNNVD-201609-496" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-295", "trust": 1.1 }, { "problemtype": "CWE-310", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-86921" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "NVD", "id": "CVE-2015-8960" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://twitter.com/matthew_d_green/statuses/630908726950674433" }, { "trust": 2.6, "url": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf" }, { "trust": 1.9, "url": "http://www.securityfocus.com/bid/93071" }, { "trust": 1.8, "url": "https://security.netapp.com/advisory/ntap-20180626-0002/" }, { "trust": 1.8, "url": "https://kcitls.org" }, { "trust": 1.8, "url": "http://www.openwall.com/lists/oss-security/2016/09/20/4" }, { "trust": 1.1, "url": "https://kcitls.org/" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8960" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8960" }, { "trust": 0.3, "url": "http://seclists.org/oss-sec/2016/q3/576" }, { "trust": 0.1, "url": 
"https://cwe.mitre.org/data/definitions/310.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-86921" }, { "db": "VULMON", "id": "CVE-2015-8960" }, { "db": "BID", "id": "93071" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "CNNVD", "id": "CNNVD-201609-496" }, { "db": "NVD", "id": "CVE-2015-8960" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-86921" }, { "db": "VULMON", "id": "CVE-2015-8960" }, { "db": "BID", "id": "93071" }, { "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "db": "CNNVD", "id": "CNNVD-201609-496" }, { "db": "NVD", "id": "CVE-2015-8960" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-09-21T00:00:00", "db": "VULHUB", "id": "VHN-86921" }, { "date": "2016-09-21T00:00:00", "db": "VULMON", "id": "CVE-2015-8960" }, { "date": "2016-09-19T00:00:00", "db": "BID", "id": "93071" }, { "date": "2016-09-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "date": "2016-09-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201609-496" }, { "date": "2016-09-21T02:59:00.133000", "db": "NVD", "id": "CVE-2015-8960" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-30T00:00:00", "db": "VULHUB", "id": "VHN-86921" }, { "date": "2018-06-28T00:00:00", "db": "VULMON", "id": "CVE-2015-8960" }, { "date": "2016-10-03T00:02:00", "db": "BID", "id": "93071" }, { "date": "2016-09-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-007257" }, { "date": "2023-02-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201609-496" }, { "date": "2024-11-21T02:39:32.840000", "db": "NVD", "id": "CVE-2015-8960" } ] }, "threat_type": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201609-496" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "TLS In the protocol TLS Vulnerability impersonating a server", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-007257" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "trust management problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201609-496" } ], "trust": 0.6 } }