CVE-2002-20001 : The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the clie

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Published 2021-11-11 19:15:07

Updated 2025-04-15 14:08:07

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2002-20001

Suse » Linux Enterprise Server » Version: 11
cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 12
cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
Matching versions
Suse » Linux Enterprise Server » Version: 15
cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:*:*:*
Matching versions
Siemens » Scalance W1750d Firmware
cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Scalance W1750d » Version: N/A
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-iq Centralized Management
Versions from including (>=) 8.0.0 and up to, including, (<=) 8.2.0
cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-iq Centralized Management » Version: 7.1.0
cpe:2.3:a:f5:big-iq_centralized_management:7.1.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Websafe
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Fraud Protection Service
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Matching versions
F5 » Traffix Signaling Delivery Controller » Version: 5.2.0
cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.2.0:*:*:*:*:*:*:*
Matching versions
F5 » Traffix Signaling Delivery Controller » Version: 5.1.0
cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Visibility And Reporting
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Web Application Firewall
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Ddos Hybrid Defender
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Ssl Orchestrator
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Carrier-grade Nat
Versions from including (>=) 13.1.0 and up to, including, (<=) 17.1.0
cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*
Matching versions
F5 » F5os-a » Version: 1.3.0
cpe:2.3:o:f5:f5os-a:1.3.0:*:*:*:*:*:*:*
Matching versions
F5 » F5os-a » Version: 1.3.1
cpe:2.3:o:f5:f5os-a:1.3.1:*:*:*:*:*:*:*
Matching versions
F5 » F5os-c
Versions from including (>=) 1.3.0 and up to, including, (<=) 1.3.2
cpe:2.3:o:f5:f5os-c:*:*:*:*:*:*:*:*
Matching versions
F5 » F5os-c » Version: 1.5.0
cpe:2.3:o:f5:f5os-c:1.5.0:*:*:*:*:*:*:*
Matching versions
F5 » F5os-c » Version: 1.5.1
cpe:2.3:o:f5:f5os-c:1.5.1:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Service Proxy » Version: 1.6.0 For Kubernetes
cpe:2.3:a:f5:big-ip_service_proxy:1.6.0:*:*:*:*:kubernetes:*:*
Matching versions
HPE » Arubaos-cx
Versions from including (>=) 10.07.0000 and before (<) 10.07.0030
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Matching versions
When used together with: HPE » Aruba Cx 4100i » Version: N/A
When used together with: HPE » Aruba Cx 6100 » Version: N/A
When used together with: HPE » Aruba Cx 6200f » Version: N/A
When used together with: HPE » Aruba Cx 6200m » Version: N/A
When used together with: HPE » Aruba Cx 6300f » Version: N/A
When used together with: HPE » Aruba Cx 6300m » Version: N/A
When used together with: HPE » Aruba Cx 6405 » Version: N/A
When used together with: HPE » Aruba Cx 6410 » Version: N/A
When used together with: HPE » Aruba Cx 8320 » Version: N/A
When used together with: HPE » Aruba Cx 8325-32c » Version: N/A
When used together with: HPE » Aruba Cx 8325-48y8c » Version: N/A
When used together with: HPE » Aruba Cx 8360-12c » Version: N/A
When used together with: HPE » Aruba Cx 8360-16y2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-24xf2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-32y4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48xt4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48y6c » Version: N/A
When used together with: HPE » Aruba Cx 8400 » Version: N/A
HPE » Arubaos-cx
Versions from including (>=) 10.06.0000 and before (<) 10.06.0180
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Matching versions
When used together with: HPE » Aruba Cx 4100i » Version: N/A
When used together with: HPE » Aruba Cx 6100 » Version: N/A
When used together with: HPE » Aruba Cx 6200f » Version: N/A
When used together with: HPE » Aruba Cx 6200m » Version: N/A
When used together with: HPE » Aruba Cx 6300f » Version: N/A
When used together with: HPE » Aruba Cx 6300m » Version: N/A
When used together with: HPE » Aruba Cx 6405 » Version: N/A
When used together with: HPE » Aruba Cx 6410 » Version: N/A
When used together with: HPE » Aruba Cx 8320 » Version: N/A
When used together with: HPE » Aruba Cx 8325-32c » Version: N/A
When used together with: HPE » Aruba Cx 8325-48y8c » Version: N/A
When used together with: HPE » Aruba Cx 8360-12c » Version: N/A
When used together with: HPE » Aruba Cx 8360-16y2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-24xf2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-32y4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48xt4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48y6c » Version: N/A
When used together with: HPE » Aruba Cx 8400 » Version: N/A
HPE » Arubaos-cx
Versions from including (>=) 10.08.0000 and before (<) 10.08.0010
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Matching versions
When used together with: HPE » Aruba Cx 4100i » Version: N/A
When used together with: HPE » Aruba Cx 6100 » Version: N/A
When used together with: HPE » Aruba Cx 6200f » Version: N/A
When used together with: HPE » Aruba Cx 6200m » Version: N/A
When used together with: HPE » Aruba Cx 6300f » Version: N/A
When used together with: HPE » Aruba Cx 6300m » Version: N/A
When used together with: HPE » Aruba Cx 6405 » Version: N/A
When used together with: HPE » Aruba Cx 6410 » Version: N/A
When used together with: HPE » Aruba Cx 8320 » Version: N/A
When used together with: HPE » Aruba Cx 8325-32c » Version: N/A
When used together with: HPE » Aruba Cx 8325-48y8c » Version: N/A
When used together with: HPE » Aruba Cx 8360-12c » Version: N/A
When used together with: HPE » Aruba Cx 8360-16y2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-24xf2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-32y4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48xt4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48y6c » Version: N/A
When used together with: HPE » Aruba Cx 8400 » Version: N/A
HPE » Arubaos-cx
Versions from including (>=) 10.09.0000 and before (<) 10.09.0002
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Matching versions
When used together with: HPE » Aruba Cx 4100i » Version: N/A
When used together with: HPE » Aruba Cx 6100 » Version: N/A
When used together with: HPE » Aruba Cx 6200f » Version: N/A
When used together with: HPE » Aruba Cx 6200m » Version: N/A
When used together with: HPE » Aruba Cx 6300f » Version: N/A
When used together with: HPE » Aruba Cx 6300m » Version: N/A
When used together with: HPE » Aruba Cx 6405 » Version: N/A
When used together with: HPE » Aruba Cx 6410 » Version: N/A
When used together with: HPE » Aruba Cx 8320 » Version: N/A
When used together with: HPE » Aruba Cx 8325-32c » Version: N/A
When used together with: HPE » Aruba Cx 8325-48y8c » Version: N/A
When used together with: HPE » Aruba Cx 8360-12c » Version: N/A
When used together with: HPE » Aruba Cx 8360-16y2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-24xf2c » Version: N/A
When used together with: HPE » Aruba Cx 8360-32y4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48xt4c » Version: N/A
When used together with: HPE » Aruba Cx 8360-48y6c » Version: N/A
When used together with: HPE » Aruba Cx 8400 » Version: N/A
Stormshield » Stormshield Network Security
Versions from including (>=) 4.4.0 and before (<) 4.6.3
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*
Matching versions
Stormshield » Stormshield Network Security
Versions from including (>=) 2.7.0 and before (<) 4.3.16
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*
Matching versions
Stormshield » Stormshield Management Center
Versions before (<) 3.3.3
cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*
Matching versions
Balasys » Dheater » Version: N/A
cpe:2.3:a:balasys:dheater:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-20001

EPSS FAQ

14.68%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-20001

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2002-20001

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2002-20001

https://www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/

Configuring Supported TLS Groups in OpenSSL - OpenSSL Blog
Third Party Advisory
https://dheatattack.gitlab.io/

D(HE)at Attack | D(HE)at Attack

CVEs referencing this url
https://www.reddit.com/r/netsec/comments/qdoosy/server_overload_by_enforcing_dhe_key_exchange/

Server overload by enforcing DHE key exchange using minimal bandwidth : netsec
Issue Tracking
https://github.com/mozilla/ssl-config-generator/issues/162

Stop recommending DHE, because of "dheater" vulnerability · Issue #162 · mozilla/ssl-config-generator · GitHub
Issue Tracking

CVEs referencing this url
https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol

ResearchGate
Exploit;Technical Description
https://support.f5.com/csp/article/K83120834

Diffie-Hellman key agreement protocol vulnerability CVE-2002-20001
Third Party Advisory
https://github.com/Balasys/dheater

GitHub - Balasys/dheater: D(HE)ater is a security tool can perform DoS attack by enforcing the DHE key exchange.
Product
https://ieeexplore.ieee.org/document/10374117

D(HE)at: A Practical Denial-of-Service Attack on the Finite Field Diffie–Hellman Key Exchange | IEEE Journals & Magazine | IEEE Xplore

CVEs referencing this url
https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf

Third Party Advisory

CVEs referencing this url
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt

Third Party Advisory

CVEs referencing this url
https://gitlab.com/dheatattack/dheater

D(HE)at Attack / dheater · GitLab
https://dheatattack.com

DHEat attack
Third Party Advisory
https://www.suse.com/support/kb/doc/?id=000020510

Security Vulnerability: DHEater aka CVE-2002-20001 | Support | SUSE
Third Party Advisory

Jump to

Vulnerability Details : CVE-2002-20001

Products affected by CVE-2002-20001

Exploit prediction scoring system (EPSS) score for CVE-2002-20001

CVSS scores for CVE-2002-20001

CWE ids for CVE-2002-20001

References for CVE-2002-20001