balasys dheater CVE-2002-20001 vulnerability in Balasys and Other Products
Published on November 11, 2021

product logo product logo product logo product logo
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

NVD


Products Associated with CVE-2002-20001

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2002-20001 are published in these products:

Balasys Dheater
 
Suse Linux Enterprise Server
 
F5 Networks Big Iq Centralized Management
 
F5 Networks Big Ip Service Proxy
 
F5 Networks Traffix Sdc
 
F5 Networks Big Ip Access Policy Manager
 
F5 Networks Big Ip Advanced Firewall Manager
 
F5 Networks Big Ip Advanced Web Application Firewall
 
F5 Networks Big Ip Analytics
 
F5 Networks Big Ip Application Acceleration Manager
 
F5 Networks Big Ip Application Security Manager
 
F5 Networks Big Ip Application Visibility Reporting
 
F5 Networks Big Ip Carrier Grade Nat
 
F5 Networks Big Ip Ddos Hybrid Defender
 
F5 Networks Big Ip Domain Name System
 
F5 Networks Big Ip Edge Gateway
 
F5 Networks Big Ip Fraud Protection Service
 
F5 Networks Big Ip Global Traffic Manager
 
F5 Networks Big Ip Link Controller
 
F5 Networks Big Ip Local Traffic Manager
 
F5 Networks Big Ip Policy Enforcement Manager
 
F5 Networks Big Ip Ssl Orchestrator
 
F5 Networks Big Ip Webaccelerator
 
F5 Networks Big Ip Websafe
 
F5 Networks F5os C
 
F5 Networks F5os A
 
Stormshield Network Security
 
Stormshield Management Center
 
F5 Networks Traffix Signaling Delivery Controller
 

Exploit Probability

EPSS
14.68%
Percentile
94.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.