CVE-2020-1968 (CNNVD-202009-585)
中文标题:
OpenSSL 加密问题漏洞
英文标题:
Raccoon attack
漏洞描述
中文描述:
OpenSSL是Openssl团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL 中存在加密问题漏洞。该漏洞源于DH Pre-master Secret Raccoon。攻击者可利用该漏洞绕过数据访问限制,获取敏感信息。
英文描述:
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| OpenSSL | OpenSSL | Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v) | - | - |
cpe:2.3:a:openssl:openssl:fixed_in_openssl_1.0.2w_(affected_1.0.2-1.0.2v):*:*:*:*:*:*:*
|
| openssl | openssl | * | - | - |
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
|
| canonical | ubuntu_linux | 16.04 | - | - |
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
|
| canonical | ubuntu_linux | 18.04 | - | - |
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
|
| debian | debian_linux | 9.0 | - | - |
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
|
| oracle | jd_edwards_world_security | a9.4 | - | - |
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
|
| oracle | peoplesoft_enterprise_peopletools | 8.56 | - | - |
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
|
| oracle | peoplesoft_enterprise_peopletools | 8.57 | - | - |
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
|
| oracle | peoplesoft_enterprise_peopletools | 8.58 | - | - |
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
|
| oracle | ethernet_switch_es2-64_firmware | 2.0.0.14 | - | - |
cpe:2.3:o:oracle:ethernet_switch_es2-64_firmware:2.0.0.14:*:*:*:*:*:*:*
|
| oracle | ethernet_switch_es2-72_firmware | 2.0.0.14 | - | - |
cpe:2.3:o:oracle:ethernet_switch_es2-72_firmware:2.0.0.14:*:*:*:*:*:*:*
|
| fujitsu | m10-1_firmware | * | - | - |
cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*
|
| fujitsu | m10-4_firmware | * | - | - |
cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*
|
| fujitsu | m10-4s_firmware | * | - | - |
cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*
|
| fujitsu | m12-1_firmware | * | - | - |
cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*
|
| fujitsu | m12-2_firmware | * | - | - |
cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*
|
| fujitsu | m12-2s_firmware | * | - | - |
cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*
|
| oracle | ethernet_switch_es1-24_firmware | 1.3.1 | - | - |
cpe:2.3:o:oracle:ethernet_switch_es1-24_firmware:1.3.1:*:*:*:*:*:*:*
|
| oracle | ethernet_switch_tor-72_firmware | 1.2.2 | - | - |
cpe:2.3:o:oracle:ethernet_switch_tor-72_firmware:1.2.2:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
CVSS评分详情
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2020-1968 |
2025-11-11 15:20:28 | 2025-11-11 07:36:09 |
| NVD | nvd_CVE-2020-1968 |
2025-11-11 14:57:03 | 2025-11-11 07:44:35 |
| CNNVD | cnnvd_CNNVD-202009-585 |
2025-11-11 15:10:30 | 2025-11-11 07:56:27 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 加密问题
- cnnvd_id: 未提取 -> CNNVD-202009-585
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.LOW
- cvss_score: 未提取 -> 3.7
- cvss_vector: NOT_EXTRACTED -> CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
- cvss_version: NOT_EXTRACTED -> 3.1
- affected_products_count: 1 -> 19
- data_sources: ['cve'] -> ['cve', 'nvd']