HOMEVULNERABILITIESCVE-2002-20001
HIGH

CVE-2002-20001

CWE-400Published: November 11, 2021· Updated: Jun 16, 2026

7.5
CVSS v3.1

Official Description

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

NVD Source

Technical Analysis

CVE-2002-20001 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.

The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.

A successful exploit results in availability disruption (denial of service), with a CVSS base score of 7.5.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorNetwork
Attack ComplexityLow
Privileges Req.None
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityNone
IntegrityNone
AvailabilityHigh
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Vendors & Products

balasys1 product(s)
dheater
f524 product(s)
big-ip access policy managerbig-ip advanced firewall managerbig-ip advanced web application firewallbig-ip analyticsbig-ip application acceleration managerbig-ip application security managerbig-ip application visibility and reportingbig-ip carrier-grade natbig-ip ddos hybrid defenderbig-ip domain name systembig-ip edge gatewaybig-ip fraud protection service+12
hpe19 product(s)
arubaos-cxaruba cx 4100iaruba cx 6100aruba cx 6200faruba cx 6200maruba cx 6300faruba cx 6300maruba cx 6405aruba cx 6410aruba cx 8320aruba cx 8325-32caruba cx 8325-48y8c+7
siemens2 product(s)
scalance w1750d firmwarescalance w1750d
stormshield2 product(s)
stormshield management centerstormshield network security
SUSE1 product(s)
linux enterprise server
Source: NVD CPE · 76 total CPE entries

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

Official Patches & Advisories

All References (26)

Quick Facts

CVE IDCVE-2002-20001
CVSS Score7.5 / 10
SeverityHIGH
WeaknessCWE-400
CISA KEVNo
Affected6 vendor(s)
PublishedNov 11, 2021

Related CVEs (CWE-400)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2002-20001 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.