CVE-2010-4252

CVSS V2 High 7.5 CVSS V3 None
Description
OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol.
Overview
  • CVE ID
  • CVE-2010-4252
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2010-12-06T21:05:49
  • Last Modified Date
  • 2023-02-13T04:28:30
Weakness Enumerations
CWE URL
CWE-287 http://cwe.mitre.org/data/definitions/287.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* 1 OR 1.0.0b
cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:* 1 OR
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 7.5
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 6.4
References
Reference URL Reference Tags
http://cvs.openssl.org/chngview?cn=20098 Patch
http://securitytracker.com/id?1024823
http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf Exploit
http://openssl.org/news/secadv_20101202.txt
https://bugzilla.redhat.com/show_bug.cgi?id=659297 Patch
https://github.com/seb-m/jpake Patch
http://www.securityfocus.com/bid/45163
http://www.vupen.com/english/advisories/2010/3120 Vendor Advisory
http://www.vupen.com/english/advisories/2010/3122 Vendor Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471
http://secunia.com/advisories/42469 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
http://secunia.com/advisories/57353
http://marc.info/?l=bugtraq&m=129916880600544&w=2
http://marc.info/?l=bugtraq&m=130497251507577&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19039
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2010-4252
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252
History
Created Old Value New Value Data Type Notes
2022-05-10 08:33:46 Added to TrackCVE
2023-02-02 17:03:10 2023-02-02T15:15:17 CVE Modified Date updated
2023-02-02 17:03:10 OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. CVE-2010-4252 openssl: session key retrieval flaw in J-PAKE implementation Description updated
2023-02-13 05:04:01 2023-02-13T04:28:30 CVE Modified Date updated
2023-02-13 05:04:02 CVE-2010-4252 openssl: session key retrieval flaw in J-PAKE implementation OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. Description updated