Description
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
CVSS vector: AV:N/AC:M/C:N/I:P/A:N
Exploitability: 8.6 | Impact: 2.9
Confidentiality: None
Availability: None
Affected Packages: 16 packages
🔴 Vulnerability Details (9)
GHSA GHSA-wff6-5qmg-74j3: GSKit in IBM Tivoli Directory Server (ITDS) 6 (2022-05-17)
GHSA GHSA-rpmm-5q5g-56vf: The TLS stack in Mono before 3 (2022-05-14)
GHSA GHSA-2cqr-v8j2-59fq: Secure Transport in Apple iOS before 8 (2022-05-14)
GHSA GHSA-ff55-77ff-xv8x: The ssl3_get_key_exchange function in s3_clnt (2022-05-14)
GHSA GHSA-7cgm-fx9j-3rcr: EMC RSA BSAFE Micro Edition Suite (MES) 4 (2022-05-13)
🔍 Detection Rules (1)
Suricata: ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204) (2015-03-11)
📋 Vendor Advisories (18)
BSD: FreeBSD-SA-15:06.openssl: Multiple OpenSSL vulnerabilities (2015-03-19)
Red Hat: JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK) (2015-03-11)
Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products (2015-03-10)
BSD: FreeBSD-SA-15:01.openssl: OpenSSL multiple vulnerabilities (2015-01-14)
Cisco: OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability (2015-01-13)
🕵️ Threat Intelligence (7)
Tenable: [R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities (2017-01-31)
Tenable: Verizon 2016 DBIR – Most Interesting Things (2016-05-18)
Tenable: Verizon 2016 DBIR – Most Common Vulnerabilities (2016-05-18)
Tenable: [R6] OpenSSL '20150319' Advisory Affects Tenable Products (2015-03-29)
Qualys: Addressing CVE-2015-0204 FREAK with Qualys VM | Qualys (2015-03-06)
📄 Research Papers (2)
arXiv: ASNM Datasets: A Collection of Network Traffic Features for Testing of Adversarial Classifiers and Network Intrusion Detectors (2019-10-23)
arXiv: Secure by default - the case of TLS (2017-08-24)
💬 Community (4)
Bugzilla: CVE-2015-0138 IBM JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK) (2015-05-06)
HackerOne: FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers (2015-04-01)
Bugzilla: CVE-2015-0204 openssl: Only allow ephemeral RSA keys in export ciphersuites [fedora-all] (2015-01-08)
Bugzilla: CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) (2015-01-08)