CVE-2015-8960

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
References
Link Resource
http://twitter.com/matthew_d_green/statuses/630908726950674433 Press/Media Coverage Technical Description Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/09/20/4 Mailing List Technical Description Third Party Advisory
http://www.securityfocus.com/bid/93071 Broken Link Third Party Advisory VDB Entry
https://kcitls.org Exploit Technical Description
https://security.netapp.com/advisory/ntap-20180626-0002/ Third Party Advisory
https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf Exploit Mitigation Technical Description
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ietf:transport_layer_security:*:*:*:*:*:*:*:*
OR cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:host_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:system_setup:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-09-21 02:59

Updated : 2024-02-28 15:21


NVD link : CVE-2015-8960

Mitre link : CVE-2015-8960

CVE.ORG link : CVE-2015-8960


JSON object : View

Products Affected

netapp

  • clustered_data_ontap_antivirus_connector
  • plug-in_for_symantec_netbackup
  • solidfire_\&_hci_management_node
  • system_setup
  • host_agent
  • data_ontap_edge
  • oncommand_shift
  • smi-s_provider
  • snapmanager
  • snapdrive
  • snapprotect
  • snap_creator_framework

mozilla

  • firefox

google

  • chrome

opera

  • opera_browser

microsoft

  • internet_explorer

apple

  • safari

ietf

  • transport_layer_security
CWE
CWE-295

Improper Certificate Validation