CVE-2015-8960

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
References
Link Resource
http://twitter.com/matthew_d_green/statuses/630908726950674433 Press/Media Coverage Technical Description Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/09/20/4 Mailing List Technical Description Third Party Advisory
http://www.securityfocus.com/bid/93071 Broken Link Third Party Advisory VDB Entry
https://kcitls.org Exploit Technical Description
https://security.netapp.com/advisory/ntap-20180626-0002/ Third Party Advisory
https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf Exploit Mitigation Technical Description
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ietf:transport_layer_security:*:*:*:*:*:*:*:*
OR cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:host_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:system_setup:-:*:*:*:*:*:*:*

History

30 Jan 2023, 17:33

Type Values Removed Values Added
CPE cpe:2.3:a:opera:opera:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:a:ietf:transport_layer_security:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:system_setup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:host_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*
First Time Netapp snapdrive
Netapp system Setup
Ietf transport Layer Security
Netapp oncommand Shift
Netapp host Agent
Netapp
Opera opera Browser
Netapp solidfire \& Hci Management Node
Netapp plug-in For Symantec Netbackup
Netapp smi-s Provider
Netapp snap Creator Framework
Netapp clustered Data Ontap Antivirus Connector
Netapp snapmanager
Netapp snapprotect
Ietf
Netapp data Ontap Edge
CWE CWE-310 CWE-295
References (MLIST) http://www.openwall.com/lists/oss-security/2016/09/20/4 - Mailing List, Third Party Advisory (MLIST) http://www.openwall.com/lists/oss-security/2016/09/20/4 - Mailing List, Technical Description, Third Party Advisory
References (MISC) http://twitter.com/matthew_d_green/statuses/630908726950674433 - Press/Media Coverage (MISC) http://twitter.com/matthew_d_green/statuses/630908726950674433 - Press/Media Coverage, Technical Description, Third Party Advisory
References (MISC) https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf - Technical Description (MISC) https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf - Exploit, Mitigation, Technical Description
References (CONFIRM) https://security.netapp.com/advisory/ntap-20180626-0002/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20180626-0002/ - Third Party Advisory
References (MISC) https://kcitls.org - Technical Description (MISC) https://kcitls.org - Exploit, Technical Description
References (BID) http://www.securityfocus.com/bid/93071 - (BID) http://www.securityfocus.com/bid/93071 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2016-09-21 02:59

Updated : 2023-12-10 11:46


NVD link : CVE-2015-8960

Mitre link : CVE-2015-8960

CVE.ORG link : CVE-2015-8960


JSON object : View

Products Affected

netapp

  • host_agent
  • oncommand_shift
  • clustered_data_ontap_antivirus_connector
  • snapdrive
  • snapmanager
  • snap_creator_framework
  • plug-in_for_symantec_netbackup
  • solidfire_\&_hci_management_node
  • smi-s_provider
  • snapprotect
  • system_setup
  • data_ontap_edge

microsoft

  • internet_explorer

apple

  • safari

opera

  • opera_browser

google

  • chrome

ietf

  • transport_layer_security

mozilla

  • firefox
CWE
CWE-295

Improper Certificate Validation