CVE-2015-8960
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 2
Exploited in Wild: -
Decision: -
Descriptions
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
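As an added illustration (not part of the CVE record or of the cited paper), the Python sketch below shows the arithmetic behind the description above. In a handshake that uses a fixed-(EC)DH client certificate, the pre_master_secret is the static Diffie-Hellman value between the two certified keys, so whoever holds the client's private key and the server's public key (read straight from the server certificate) derives exactly the master secret the genuine server derives, without ever touching the server's private key. The group (p = 2^521 - 1, g = 3), the key pairs and the randoms are constructed for this demo and are not a TLS-registered group; the PRF and the leading-zero stripping of Z follow RFC 5246.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for this illustration only: p is the
# Mersenne prime 2^521 - 1 and g = 3. It is NOT a TLS-registered group; real
# handshakes use RFC 3526 / RFC 7919 groups or an elliptic curve.
P = (1 << 521) - 1
G = 3


def dh_keypair():
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def dh_shared(priv, peer_pub):
    """Static DH agreement as in the *_fixed_dh suites: Z = peer_pub^priv mod p,
    encoded big-endian with leading zero bytes stripped (RFC 5246 section 8.1.2)."""
    z = pow(peer_pub, priv, P)
    return z.to_bytes((z.bit_length() + 7) // 8, "big")


def p_sha256(secret, seed, length):
    """P_SHA256 expansion function from RFC 5246 section 5."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def master_secret(pre_master, client_random, server_random):
    """TLS 1.2 master secret = PRF(pms, "master secret", cr + sr)[0:48]."""
    return p_sha256(pre_master, b"master secret" + client_random + server_random, 48)


def kci_master_secrets():
    """Return (genuine, impostor): the master secret the real server derives and
    the one an attacker derives from the client's private key plus the server's
    public key. With fixed-DH client authentication the two are identical."""
    server_priv, server_pub = dh_keypair()   # server certificate carries server_pub
    client_priv, client_pub = dh_keypair()   # client certificate; client_priv is the compromised key
    client_random = secrets.token_bytes(32)  # constructed hello randoms
    server_random = secrets.token_bytes(32)

    # Genuine server: needs its own private key.
    genuine = master_secret(dh_shared(server_priv, client_pub), client_random, server_random)
    # Impostor: never uses server_priv, only the public key from the server's cert.
    impostor = master_secret(dh_shared(client_priv, server_pub), client_random, server_random)
    return genuine, impostor


def ephemeral_contrast():
    """Return True when an attacker holding client_priv can no longer predict the
    shared secret because the server contributes a fresh per-session key.
    The real protection in DHE/ECDHE suites is that the server signs that
    ephemeral share with its certificate key, which the attacker does not hold."""
    _, server_pub = dh_keypair()             # long-term key from the certificate
    client_priv, client_pub = dh_keypair()
    eph_priv, _ = dh_keypair()               # fresh server key share for this session
    genuine = dh_shared(eph_priv, client_pub)
    guess = dh_shared(client_priv, server_pub)
    return genuine != guess


if __name__ == "__main__":
    g, i = kci_master_secrets()
    print("impostor matches genuine master secret:", g == i)
    print("ephemeral server share defeats the KCI guess:", ephemeral_contrast())
```

The practical consequence is the one the browser vendors acted on: the fix sits on the client side, which must stop offering (or accepting a CertificateRequest for) the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh and ecdsa_fixed_ecdh client certificate types, because a server that merely presents a static DH public key in its certificate gives an attacker holding any installed client certificate's private key everything needed to finish the handshake in the server's name.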
CVSS Scores
SSVC
- Decision: -
Timeline
- 2016-09-20 CVE Reserved
- 2016-09-21 CVE Published
- 2023-05-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://twitter.com/matthew_d_green/statuses/630908726950674433 | Media Coverage | |
http://www.openwall.com/lists/oss-security/2016/09/20/4 | Mailing List | |
http://www.securityfocus.com/bid/93071 | Broken Link | |
https://security.netapp.com/advisory/ntap-20180626-0002 | Third Party Advisory | |

URL | Date | SRC |
---|---|---|
https://kcitls.org | 2024-08-06 | |
https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf | 2024-08-06 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Ietf | Transport Layer Security | <= 1.2 | - | Affected | in | Apple | Safari | - | - | Safe |
Ietf | Transport Layer Security | <= 1.2 | - | Affected | in | Google | Chrome | - | - | Safe |
Ietf | Transport Layer Security | <= 1.2 | - | Affected | in | Microsoft | Internet Explorer | - | - | Safe |
Ietf | Transport Layer Security | <= 1.2 | - | Affected | in | Mozilla | Firefox | - | - | Safe |
Ietf | Transport Layer Security | <= 1.2 | - | Affected | in | Opera | Opera Browser | - | - | Safe |
Netapp | Clustered Data Ontap Antivirus Connector | - | - | Affected | | | | | | |
Netapp | Data Ontap Edge | - | - | Affected | | | | | | |
Netapp | Host Agent | - | - | Affected | | | | | | |
Netapp | Oncommand Shift | - | - | Affected | | | | | | |
Netapp | Plug-in For Symantec Netbackup | - | - | Affected | | | | | | |
Netapp | Smi-s Provider | - | - | Affected | | | | | | |
Netapp | Snap Creator Framework | - | - | Affected | | | | | | |
Netapp | Snapdrive | - | unix | Affected | | | | | | |
Netapp | Snapdrive | - | windows | Affected | | | | | | |
Netapp | Snapmanager | - | oracle | Affected | | | | | | |
Netapp | Snapmanager | - | sap | Affected | | | | | | |
Netapp | Snapprotect | - | - | Affected | | | | | | |
Netapp | Solidfire & Hci Management Node | - | - | Affected | | | | | | |
Netapp | System Setup | - | - | Affected | | | | | | |