CVE-2015-7575

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

CVSS v3.0 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1158489	Issue Tracking
https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes	Vendor Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-150.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Vendor Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html	Third Party Advisory
http://www.ubuntu.com/usn/USN-2884-1	Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Third Party Advisory
http://www.securityfocus.com/bid/91787	Third Party Advisory VDB Entry
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://access.redhat.com/errata/RHSA-2016:1430
http://www.securityfocus.com/bid/79684
http://www.ubuntu.com/usn/USN-2904-1
http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
http://www.debian.org/security/2016/dsa-3465
http://rhn.redhat.com/errata/RHSA-2016-0053.html
http://rhn.redhat.com/errata/RHSA-2016-0054.html
http://rhn.redhat.com/errata/RHSA-2016-0049.html
http://www.debian.org/security/2016/dsa-3457
http://www.debian.org/security/2016/dsa-3491
http://rhn.redhat.com/errata/RHSA-2016-0056.html
http://rhn.redhat.com/errata/RHSA-2016-0055.html
http://rhn.redhat.com/errata/RHSA-2016-0050.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
http://www.debian.org/security/2016/dsa-3437
http://www.debian.org/security/2016/dsa-3458
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
http://www.ubuntu.com/usn/USN-2863-1
http://www.ubuntu.com/usn/USN-2866-1
http://www.debian.org/security/2016/dsa-3436
http://www.securitytracker.com/id/1034541
http://www.ubuntu.com/usn/USN-2864-1
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
http://www.ubuntu.com/usn/USN-2865-1
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
https://security.gentoo.org/glsa/201706-18
https://security.gentoo.org/glsa/201701-46
http://www.securitytracker.com/id/1036467
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.debian.org/security/2016/dsa-3688
https://security.netapp.com/advisory/ntap-20160225-0001/
https://security.gentoo.org/glsa/201801-15

Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:leap:42.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:mozilla:firefox_esr:38.5.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.3.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.1.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.1.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.4.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.5.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.2.0:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.2.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.0.1:::::::*
	cpe:2.3:a:mozilla:firefox_esr:38.0.5:::::::*

Configuration 4 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

Configuration 5 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Information

Published : 2016-01-08 18:59

Updated : 2018-10-30 09:27

NVD link : CVE-2015-7575

Mitre link : CVE-2015-7575

JSON object : View

CWE

CWE-19

Data Processing Errors

Products Affected

mozilla

firefox_esr
firefox
network_security_services

canonical

ubuntu_linux

opensuse

leap
opensuse

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489", "tags": ["Issue Tracking"], "refsource": "CONFIRM"}, {"url": "https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes", "name": "https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html", "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html", "name": "openSUSE-SU-2016:0308", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html", "name": "openSUSE-SU-2016:0307", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://www.ubuntu.com/usn/USN-2884-1", "name": "USN-2884-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/91787", "name": "91787", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://access.redhat.com/errata/RHSA-2016:1430", "name": "RHSA-2016:1430", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/79684", "name": "79684", "tags": [], "refsource": "BID"}, {"url": "http://www.ubuntu.com/usn/USN-2904-1", "name": "USN-2904-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html", "name": "openSUSE-SU-2016:0605", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html", "name": "openSUSE-SU-2016:0488", "tags": [], "refsource": "SUSE"}, {"url": "http://www.debian.org/security/2016/dsa-3465", "name": "DSA-3465", "tags": [], "refsource": "DEBIAN"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html", "name": "RHSA-2016:0053", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html", "name": "RHSA-2016:0054", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html", "name": "RHSA-2016:0049", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.debian.org/security/2016/dsa-3457", "name": "DSA-3457", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2016/dsa-3491", "name": "DSA-3491", "tags": [], "refsource": "DEBIAN"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html", "name": "RHSA-2016:0056", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html", "name": "RHSA-2016:0055", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html", "name": "RHSA-2016:0050", "tags": [], "refsource": "REDHAT"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html", "name": "openSUSE-SU-2016:0162", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html", "name": "SUSE-SU-2016:0256", "tags": [], "refsource": "SUSE"}, {"url": "http://www.debian.org/security/2016/dsa-3437", "name": "DSA-3437", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2016/dsa-3458", "name": "DSA-3458", "tags": [], "refsource": "DEBIAN"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html", "name": "openSUSE-SU-2016:0007", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html", "name": "SUSE-SU-2016:0269", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html", "name": "openSUSE-SU-2015:2405", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html", "name": "SUSE-SU-2016:0265", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html", "name": "openSUSE-SU-2016:0161", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html", "name": "openSUSE-SU-2016:0279", "tags": [], "refsource": "SUSE"}, {"url": "http://www.ubuntu.com/usn/USN-2863-1", "name": "USN-2863-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-2866-1", "name": "USN-2866-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.debian.org/security/2016/dsa-3436", "name": "DSA-3436", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.securitytracker.com/id/1034541", "name": "1034541", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.ubuntu.com/usn/USN-2864-1", "name": "USN-2864-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "name": "openSUSE-SU-2016:0270", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html", "name": "openSUSE-SU-2016:0268", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html", "name": "openSUSE-SU-2016:0263", "tags": [], "refsource": "SUSE"}, {"url": "http://www.ubuntu.com/usn/USN-2865-1", "name": "USN-2865-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html", "name": "openSUSE-SU-2016:0272", "tags": [], "refsource": "SUSE"}, {"url": "https://security.gentoo.org/glsa/201706-18", "name": "GLSA-201706-18", "tags": [], "refsource": "GENTOO"}, {"url": "https://security.gentoo.org/glsa/201701-46", "name": "GLSA-201701-46", "tags": [], "refsource": "GENTOO"}, {"url": "http://www.securitytracker.com/id/1036467", "name": "1036467", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2016/dsa-3688", "name": "DSA-3688", "tags": [], "refsource": "DEBIAN"}, {"url": "https://security.netapp.com/advisory/ntap-20160225-0001/", "name": "https://security.netapp.com/advisory/ntap-20160225-0001/", "tags": [], "refsource": "CONFIRM"}, {"url": "https://security.gentoo.org/glsa/201801-15", "name": "GLSA-201801-15", "tags": [], "refsource": "GENTOO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-19"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-7575", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}}, "publishedDate": "2016-01-09T02:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.20.1"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "43.0.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-30T16:27Z"}

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2015-7575

5.9^/10

4.3^/10

Attach tags to `CVE-2015-7575`