Logjam Vulnerability (CVE-2015-4000)

2015年8月14日

Email
Facebook
Twitter
Google+
Linkedin

CVE識別番号: CVE-2015-4000

概要

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice. This allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, which could then result in an attacker being able to monitor encrypted communications by being able to decrypt them. This is known as the "Logjam" vulnerability.