Vulnerability Report

CVE-2002-20001

Title: F5 Traffix Signaling Delivery Controller Denial of Service (DoS)

Denial of Service (DoS)

Proof Of Concept

PoC Available for CVE-2002-20001

CWE Category CWE-400
Published Date Nov 11, 2021
Modified Date Aug 22, 2025
Exploit Status Available
Score 7.5 CVSS v3.1
Exploit Probability (EPSS)
14.68%

Vulnerability Summary

CVE-2002-20001: The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Impacted Vendors

F
f5 22
S
siemens 1
S
stormshield 2
H
hpe 18
B
balasys 1

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf https://dheatattack.com https://dheatattack.gitlab.io/ https://github.com/Balasys/dheater https://github.com/mozilla/ssl-config-generator/issues/162 https://gitlab.com/dheatattack/dheater https://ieeexplore.ieee.org/document/10374117 https://support.f5.com/csp/article/K83120834 https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt https://www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/ https://www.reddit.com/r/netsec/comments/qdoosy/server_overload_by_enforcing_dhe_key_exchange/ https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol https://www.suse.com/support/kb/doc/?id=000020510 https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf https://dheatattack.com https://dheatattack.gitlab.io/ https://github.com/Balasys/dheater https://github.com/mozilla/ssl-config-generator/issues/162 https://gitlab.com/dheatattack/dheater https://ieeexplore.ieee.org/document/10374117 https://support.f5.com/csp/article/K83120834 https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt https://www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/ https://www.reddit.com/r/netsec/comments/qdoosy/server_overload_by_enforcing_dhe_key_exchange/ https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol https://www.suse.com/support/kb/doc/?id=000020510
CVSS v3.1
Source Entity [email protected]
Severity HIGH
7.5
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2.0
Source Entity [email protected]
Severity MEDIUM
5.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:N/I:N/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-20001 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/c0r0n3r/dheater
View Code
GitHub https://github.com/itmaniac/dheat_dos_attack_poc
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Stack

No specific products linked.