CVE-2015-7575 : Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefo

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

Published 2016-01-09 02:59:11

Updated 2025-04-12 10:46:41

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2015-7575

Mozilla » Firefox
Versions up to, including, (<=) 43.0.1
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.0
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.0.1
cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.0.5
cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.1.0
cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.1.1
cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.2.0
cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.2.1
cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.3.0
cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.4.0
cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.5.0
cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 38.5.1
cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Network Security Services
Versions up to, including, (<=) 3.20.1
cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.04
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.2
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 42.1
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-7575

EPSS FAQ

2.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-7575

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.9	MEDIUM	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2015-7575

CWE-19

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-7575

http://www.ubuntu.com/usn/USN-2863-1

USN-2863-1: OpenSSL vulnerability | Ubuntu security notices
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Oracle Critical Patch Update - January 2016
Vendor Advisory

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20160225-0001/

CVE-2015-7575 TLS Vulnerability in Multiple NetApp Products | NetApp Product Security
http://www.securitytracker.com/id/1036467

IBM AIX Default TLS Version Lets Remote Users Conduct Man-in-the-Middle Attacks Obtain Potentially Sensitive Information on the Target System - SecurityTracker

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html

openSUSE-SU-2016:0605-1: moderate: Security update for bouncycastle
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html

openSUSE-SU-2016:0307-1: moderate: Security update for seamonkey
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2865-1

USN-2865-1: GnuTLS vulnerability | Ubuntu security notices
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html

openSUSE-SU-2015:2405-1: moderate: Security update for mozilla-nss
http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html

openSUSE-SU-2016:0162-1: moderate: Security update for mbedtls
http://www.securitytracker.com/id/1034541

Mozilla Firefox MD5 Signature Support in TLS ServerKeyExchange Messages Exposes Users to Hash Collision Forgery Attacks - SecurityTracker
http://www.debian.org/security/2016/dsa-3458

Debian -- Security Information -- DSA-3458-1 openjdk-7

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2866-1

USN-2866-1: Firefox vulnerability | Ubuntu security notices
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

[security-announce] SUSE-SU-2016:0269-1: critical: Security update for j

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html

openSUSE-SU-2016:0308-1: moderate: Security update for Seamonkey
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

[security-announce] SUSE-SU-2016:0265-1: critical: Security update for j

CVEs referencing this url
http://www.securityfocus.com/bid/79684

Mozilla Network Security Services CVE-2015-7575 Security Bypass Vulnerability
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html

openSUSE-SU-2016:0007-1: moderate: Security update for MozillaFirefox
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

cpuapr2016v3
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/91787

Oracle July 2016 Critical Patch Update Multiple Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3436

Debian -- Security Information -- DSA-3436-1 openssl
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html

openSUSE-SU-2016:0161-1: moderate: Security update for polarssl
https://security.gentoo.org/glsa/201801-15

PolarSSL: Multiple vulnerabilities (GLSA 201801-15) — Gentoo security

CVEs referencing this url
https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes

NSS 3.20.2 release notes - Mozilla | MDN
Vendor Advisory
https://security.gentoo.org/glsa/201706-18

mbed TLS: Multiple vulnerabilities (GLSA 201706-18) — Gentoo security

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

[security-announce] SUSE-SU-2016:0256-1: critical: Security update for j

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-0056.html

RHSA-2016:0056 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3491

Debian -- Security Information -- DSA-3491-1 icedove

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-0049.html

RHSA-2016:0049 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Oracle Critical Patch Update - October 2017

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Oracle Critical Patch Update - July 2016
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

[security-announce] openSUSE-SU-2016:0279-1: critical: Security update f

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-0050.html

RHSA-2016:0050 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Oracle Linux Bulletin - January 2016

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

[security-announce] openSUSE-SU-2016:0268-1: critical: Security update f

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-0054.html

RHSA-2016:0054 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

[security-announce] openSUSE-SU-2016:0270-1: critical: Security update f

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2884-1

USN-2884-1: OpenJDK 7 vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html

openSUSE-SU-2016:0488-1: moderate: Security update for Thunderbird

CVEs referencing this url
http://www.mozilla.org/security/announce/2015/mfsa2015-150.html

MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature — Mozilla
Vendor Advisory
http://www.debian.org/security/2016/dsa-3437

Debian -- Security Information -- DSA-3437-1 gnutls26
https://access.redhat.com/errata/RHSA-2016:1430

RHSA-2016:1430 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2864-1

USN-2864-1: NSS vulnerability | Ubuntu security notices
https://bugzilla.mozilla.org/show_bug.cgi?id=1158489

1158489 - (CVE-2015-7575) Prevent MD5 Downgrade in TLS 1.2 Signatures
Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

[security-announce] openSUSE-SU-2016:0272-1: important: Security update

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-0055.html

RHSA-2016:0055 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2904-1

USN-2904-1: Thunderbird vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3688

Debian -- Security Information -- DSA-3688-1 nss

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-0053.html

RHSA-2016:0053 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://security.gentoo.org/glsa/201701-46

Mozilla Network Security Service (NSS): Multiple vulnerabilities (GLSA 201701-46) — Gentoo security

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3457

Debian -- Security Information -- DSA-3457-1 iceweasel

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html

[security-announce] openSUSE-SU-2016:0263-1: critical: Security update f

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3465

Debian -- Security Information -- DSA-3465-1 openjdk-6

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-7575

Products affected by CVE-2015-7575

Exploit prediction scoring system (EPSS) score for CVE-2015-7575

CVSS scores for CVE-2015-7575

CWE ids for CVE-2015-7575

References for CVE-2015-7575