CVE-2015-4000

Published May 21, 2015
Last updated 3 months ago
CVSS low 3.7
Overview

Description: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 3.7
Impact score: 1.4
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: LOW
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-310
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51F16DD0-B15A-4B29-B68A-D6ABA0BF9623",
            "versionEndIncluding": "1.0.1m",
            "versionStartIncluding": "1.0.1"
          },
          {
            "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86B99FE0-EFEF-4C34-9790-A14504D701C5",
            "versionEndIncluding": "1.0.2a",
            "versionStartIncluding": "1.0.2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4D0AB50-9195-4B1B-BB76-00F0A34C9389",
            "versionEndIncluding": "1.0.1m"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB672C2E-8ABF-40CD-97DA-28D939DE4C63"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5BAC17C-EF31-4E94-9020-47B781AD94B3"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2"
          },
          {
            "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5",
            "versionEndIncluding": "8.3"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68566BD8-D5DD-4747-9C9A-59154400EBFA",
            "versionEndIncluding": "10.10.3"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6809678-475F-4703-BC9E-31EC8CAD3A24"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF",
            "versionEndIncluding": "1121"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFDA34B4-65B4-41A5-AC22-667C8D8FF4B7"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39B565E1-C2F1-44FC-A517-E3130332B17C"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C37BA825-679F-4257-9F2B-CE2318B75396"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97D4FFCF-5309-43B6-9FD5-680C6D535A7F"
          },
          {
            "criteria": "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4545786D-3129-4D92-B218-F4A92428ED48"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B692B58-6FB8-455F-86C0-35E0F216A736"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA389FFB-2289-4BFB-90A1-0E7EC42FFCEB"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA79F816-D26E-4A0D-8CD8-994EBB42C822"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C87BCC3-0315-4B3C-BFCD-1E218B475251"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C00748D-ECFC-4ACA-964B-92330FE7B0EE"
          },
          {
            "criteria": "cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E50128DD-9997-49E6-A47E-6A0B7959B3AA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
