Back to search
CVE-2015-4000
Published: May 21, 2015
Modified: May 27, 2026
PUBLISHED
Description
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SU-2015:1184
vendor-advisory
SUSE-SU-2015:1177
vendor-advisory
SSRT102180
vendor-advisory
RHSA-2015:1243
vendor-advisory
openSUSE-SU-2015:1229
vendor-advisory
1033208
vdb-entry
1032637
vdb-entry
HPSBGN03404
vendor-advisory
DSA-3688
vendor-advisory
DSA-3287
vendor-advisory
HPSBUX03512
vendor-advisory
1032865
vdb-entry
HPSBGN03351
vendor-advisory
SUSE-SU-2015:1268
vendor-advisory
SUSE-SU-2015:1150
vendor-advisory
1034728
vdb-entry
SUSE-SU-2015:1183
vendor-advisory
1032656
vdb-entry
RHSA-2016:2056
vendor-advisory
openSUSE-SU-2015:1684
vendor-advisory
HPSBGN03361
vendor-advisory
HPSBGN03399
vendor-advisory
1032475
vdb-entry
1032960
vdb-entry
openSUSE-SU-2016:0255
vendor-advisory
1032653
vdb-entry
SUSE-SU-2016:0224
vendor-advisory
1033385
vdb-entry
GLSA-201512-10
vendor-advisory
RHSA-2015:1229
vendor-advisory
openSUSE-SU-2016:0483
vendor-advisory
1032864
vdb-entry
1032910
vdb-entry
1032645
vdb-entry
USN-2706-1
vendor-advisory
GLSA-201701-46
vendor-advisory
RHSA-2015:1526
vendor-advisory
1033760
vdb-entry
RHSA-2015:1485
vendor-advisory
RHSA-2015:1197
vendor-advisory
HPSBMU03401
vendor-advisory
1032699
vdb-entry
1032476
vdb-entry
1032649
vdb-entry
HPSBMU03345
vendor-advisory
HPSBUX03363
vendor-advisory
RHSA-2015:1544
vendor-advisory
FEDORA-2015-9130
vendor-advisory
SUSE-SU-2015:1182
vendor-advisory
SSRT102112
vendor-advisory
1032688
vdb-entry
SUSE-SU-2015:1143
vendor-advisory
1032652
vdb-entry
FEDORA-2015-9048
vendor-advisory
RHSA-2015:1185
vendor-advisory
HPSBGN03362
vendor-advisory
APPLE-SA-2015-06-30-2
vendor-advisory
openSUSE-SU-2015:1289
vendor-advisory
FEDORA-2015-9161
vendor-advisory
HPSBGN03402
vendor-advisory
1032648
vdb-entry
1032759
vdb-entry
RHSA-2015:1228
vendor-advisory
HPSBGN03405
vendor-advisory
DSA-3316
vendor-advisory
1033209
vdb-entry
1032871
vdb-entry
DSA-3324
vendor-advisory
1032655
vdb-entry
1033210
vdb-entry
HPSBGN03411
vendor-advisory
openSUSE-SU-2015:1277
vendor-advisory
HPSBGN03533
vendor-advisory
USN-2673-1
vendor-advisory
1034884
vdb-entry
HPSBMU03356
vendor-advisory
GLSA-201603-11
vendor-advisory
1033064
vdb-entry
SUSE-SU-2015:1181
vendor-advisory
1032778
vdb-entry
1032474
vdb-entry
SSRT102254
vendor-advisory
HPSBGN03407
vendor-advisory
openSUSE-SU-2015:1209
vendor-advisory
1032784
vdb-entry
1032777
vdb-entry
1033416
vdb-entry
1033991
vdb-entry
1032647
vdb-entry
1032654
vdb-entry
1033341
vdb-entry
RHSA-2015:1486
vendor-advisory
SUSE-SU-2015:1663
vendor-advisory
1033433
vdb-entry
USN-2696-1
vendor-advisory
APPLE-SA-2015-06-30-1
vendor-advisory
1032702
vdb-entry
DSA-3339
vendor-advisory
1032727
vdb-entry
RHSA-2015:1242
vendor-advisory
SUSE-SU-2015:1269
vendor-advisory
GLSA-201506-02
vendor-advisory
91787
vdb-entry
RHSA-2016:1624
vendor-advisory
openSUSE-SU-2015:1266
vendor-advisory
RHSA-2015:1488
vendor-advisory
SUSE-SU-2015:1319
vendor-advisory
SUSE-SU-2015:1320
vendor-advisory
1033430
vdb-entry
openSUSE-SU-2015:1288
vendor-advisory
RHSA-2015:1241
vendor-advisory
openSUSE-SU-2016:0478
vendor-advisory
SUSE-SU-2015:1581
vendor-advisory
HPSBUX03388
vendor-advisory
RHSA-2015:1230
vendor-advisory
74733
vdb-entry
openSUSE-SU-2016:0261
vendor-advisory
1032651
vdb-entry
1033065
vdb-entry
USN-2656-1
vendor-advisory
SUSE-SU-2015:1185
vendor-advisory
1033222
vdb-entry
1036218
vdb-entry
SUSE-SU-2015:1449
vendor-advisory
HPSBGN03373
vendor-advisory
1040630
vdb-entry
openSUSE-SU-2015:1139
vendor-advisory
1034087
vdb-entry
1033513
vdb-entry
1032884
vdb-entry
RHSA-2015:1604
vendor-advisory
SUSE-SU-2016:0262
vendor-advisory
1032932
vdb-entry
1033891
vdb-entry
openSUSE-SU-2016:0226
vendor-advisory
1032783
vdb-entry
1032856
vdb-entry
NetBSD-SA2015-008
vendor-advisory
DSA-3300
vendor-advisory
USN-2656-2
vendor-advisory
1033067
vdb-entry
1033019
vdb-entry
RHSA-2015:1072
vendor-advisory
1032650
vdb-entry
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now