The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
Configuration 10 (hide)
|
Configuration 11 (hide)
|
Configuration 12 (hide)
|
Configuration 13 (hide)
|
History
13 Dec 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 May 2022, 14:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:jdk:1.6.0:update_95:*:*:*:*:*:* |
cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:* cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:* |
23 Jul 2021, 15:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:* |
Information
Published : 2015-05-21 00:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-4000
Mitre link : CVE-2015-4000
CVE.ORG link : CVE-2015-4000
JSON object : View
Products Affected
apple
- safari
- iphone_os
- mac_os_x
suse
- suse_linux_enterprise_server
- linux_enterprise_software_development_kit
- linux_enterprise_server
- linux_enterprise_desktop
oracle
- sparc-opl_service_processor
- jdk
- jre
- jrockit
canonical
- ubuntu_linux
mozilla
- network_security_services
- firefox_os
- firefox_esr
- firefox
- seamonkey
- thunderbird
openssl
- openssl
hp
- hp-ux
debian
- debian_linux
microsoft
- internet_explorer
ibm
- content_manager
opera
- opera_browser
- chrome
CWE
CWE-310
Cryptographic Issues