CVE-2015-4000
Published May 21, 2015
Last updated 24 days ago
Overview
- Description
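- The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. In effect, the client accepts the server's export-grade (at most 512-bit) Diffie-Hellman parameters as if they belonged to the DHE suite it requested. The defence is to disable DHE_EXPORT suites on servers and to have clients reject undersized DH groups.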
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 3.7
- Impact score
- 1.4
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-310
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51F16DD0-B15A-4B29-B68A-D6ABA0BF9623", "versionEndIncluding": "1.0.1m", "versionStartIncluding": "1.0.1" }, { "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86B99FE0-EFEF-4C34-9790-A14504D701C5", "versionEndIncluding": "1.0.2a", "versionStartIncluding": "1.0.2" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4D0AB50-9195-4B1B-BB76-00F0A34C9389", "versionEndIncluding": "1.0.1m" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9" } ], "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*", "vulnerable": true, "matchCriteriaId": "EB672C2E-8ABF-40CD-97DA-28D939DE4C63" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*", "vulnerable": true, 
"matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA" }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1" }, { "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F" }, { "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641" }, { "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7" }, { "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5" }, { "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036" }, { "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84" }, { "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6" }, { "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1" }, { "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79" } ], "operator": "OR" } ] }, { "nodes": 
[ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3" }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5BAC17C-EF31-4E94-9020-47B781AD94B3" }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2" }, { "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5", "versionEndIncluding": "8.3" }, { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68566BD8-D5DD-4747-9C9A-59154400EBFA", "versionEndIncluding": "10.10.3" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6809678-475F-4703-BC9E-31EC8CAD3A24" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF", "versionEndIncluding": "1121" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFDA34B4-65B4-41A5-AC22-667C8D8FF4B7" }, { "criteria": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39B565E1-C2F1-44FC-A517-E3130332B17C" }, { "criteria": 
"cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C37BA825-679F-4257-9F2B-CE2318B75396" }, { "criteria": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97D4FFCF-5309-43B6-9FD5-680C6D535A7F" }, { "criteria": "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4545786D-3129-4D92-B218-F4A92428ED48" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD" }, { "criteria": "cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B692B58-6FB8-455F-86C0-35E0F216A736" }, { "criteria": "cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA389FFB-2289-4BFB-90A1-0E7EC42FFCEB" }, { "criteria": "cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA79F816-D26E-4A0D-8CD8-994EBB42C822" }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C87BCC3-0315-4B3C-BFCD-1E218B475251" }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C00748D-ECFC-4ACA-964B-92330FE7B0EE" }, { "criteria": "cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E50128DD-9997-49E6-A47E-6A0B7959B3AA" } ], "operator": "OR" } ] } ]