CVE-2018-12384
nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.
Cuando se maneja una petición ClientHello compatible con SSLv2, el servidor no genera un nuevo valor aleatorio, sino que envía un valor All-Zero en su lugar. Esto conlleva a una maleabilidad completa del ClientHello para SSLv2 usado para TLS 1.2 en todas las versiones anteriores a NSS 3.39. Esto no afecta a TLS 1.3.
A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-14 CVE Reserved
- 2018-09-25 CVE Published
- 2024-01-14 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | X_refsource_misc |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12384 | 2020-08-24 | |
https://access.redhat.com/security/cve/CVE-2018-12384 | 2018-10-09 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1622089 | 2018-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | < 3.39 Search vendor "Mozilla" for product "Network Security Services" and version " < 3.39" | - |
Affected
|