VDB

RHSA-2020%3A0451

RHSA-2020%3A0451 PUBLISHED CVSS 7.5 HIGH

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.

Risk Scores

CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Red Hatopenshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64 as a component of Red Hat OpenShift Container Platform 3.11*
Red Hatopenshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le as a component of Red Hat OpenShift Container Platform 3.11openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le

Timeline

  • Feb 19, 2020 CVE Published
  • Apr 11, 2025 PoC Published
  • Apr 19, 2026 CVE Updated
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›