CVE-2016-8635

MEDIUM

Mozilla Network Security Services 3.21-3.21.4 - Private Key Recovery via Small Subgroup Confinement Attack

Title source: llm
STIX 2.1

Description

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

References (4)

Core 4
Core References
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8635
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-2779.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201701-46
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94346

Scores

CVSS v3 5.3
EPSS 0.0202
EPSS Percentile 78.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-320 CWE-358
Status published
Products (19)
mozilla/network_security_services 3.21 - 3.21.4
redhat/enterprise_linux_desktop 5.0
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 5.0
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_server_aus 7.3
redhat/enterprise_linux_server_aus 7.4
redhat/enterprise_linux_server_aus 7.6
... and 9 more
Published Aug 01, 2018
Tracked Since Feb 18, 2026