CVE-2015-8960
HIGHIetf Transport Layer Security < 1.2 - Improper Certificate Validation
Title source: ruleDescription
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
References (6)
Core 6
Core References
Mailing List, Technical Description, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/09/20/4
Press/Media Coverage, Technical Description, Third Party Advisory x_refsource_misc
http://twitter.com/matthew_d_green/statuses/630908726950674433
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93071
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20180626-0002/
Exploit, Mitigation, Technical Description x_refsource_misc
https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf
Exploit, Technical Description x_refsource_misc
https://kcitls.org
Scores
CVSS v3
8.1
EPSS
0.0195
EPSS Percentile
77.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-295
Status
published
Products (13)
ietf/transport_layer_security
< 1.2
netapp/clustered_data_ontap_antivirus_connector
netapp/data_ontap_edge
netapp/host_agent
netapp/oncommand_shift
netapp/plug-in_for_symantec_netbackup
netapp/smi-s_provider
netapp/snap_creator_framework
netapp/snapdrive
(2 CPE variants)
netapp/snapmanager
(2 CPE variants)
... and 3 more
Published
Sep 21, 2016
Tracked Since
Feb 18, 2026