CVE-2018-12384

EUVD-2018-4358
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.
PRNG
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
mozillanetwork_security_services
𝑥
< 3.39
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nss
bookworm
2:3.87.1-1
fixed
bullseye
2:3.61-1+deb11u3
fixed
bullseye (security)
2:3.61-1+deb11u4
fixed
jessie
postponed
sid
2:3.105-2
fixed
stretch
postponed
trixie
2:3.105-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nss
bionic
Fixed 2:3.35-2ubuntu2.1
released
cosmic
Fixed 2:3.36.1-1ubuntu1.1
released
trusty
Fixed 2:3.28.4-0ubuntu0.14.04.4
released
xenial
Fixed 2:3.28.4-0ubuntu0.16.04.4
released
Common Weakness Enumeration
References
https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12384
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-12384
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html