https://community.extremenetworks.com/t5/security/vn-2015-007-logjam/m-p/27823#M53 <A href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4000" target="_blank" rel="nofollow noreferrer noopener">CVE-2015-4000</A> "LogJam" issue is due to the TLS protocol 1.2 and earlier not properly conveying a DHE_EXPORT choice when a DHE_EXPORT ciphersuite is enabled on a server but not on a client. This allows man-in-the-middle attackers to conduct cipher-downgrade attacks.<BR /> <BR /> Extreme Networks response to CVE-2015-4000 "LogJam" vulnerability is available at the following url: <A href="http://learn.extremenetworks.com/rs/641-VMV-602/images/VN-2015-007_Logjam.pdf" target="_blank" rel="nofollow noreferrer noopener">http://learn.extremenetworks.com/rs/641-VMV-602/images/VN-2015-007_Logjam.pdf</A><BR /> <BR /> Wed, 24 Jun 2015 18:31:00 GMT Weidle__Bert 2015-06-24T18:31:00Z https://community.extremenetworks.com/t5/security/vn-2015-007-logjam/m-p/27823#M53 <A href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4000" target="_blank" rel="nofollow noreferrer noopener">CVE-2015-4000</A> "LogJam" issue is due to the TLS protocol 1.2 and earlier not properly conveying a DHE_EXPORT choice when a DHE_EXPORT ciphersuite is enabled on a server but not on a client. This allows man-in-the-middle attackers to conduct cipher-downgrade attacks.<BR /> <BR /> Extreme Networks response to CVE-2015-4000 "LogJam" vulnerability is available at the following url: <A href="http://learn.extremenetworks.com/rs/641-VMV-602/images/VN-2015-007_Logjam.pdf" target="_blank" rel="nofollow noreferrer noopener">http://learn.extremenetworks.com/rs/641-VMV-602/images/VN-2015-007_Logjam.pdf</A><BR /> <BR /> Wed, 24 Jun 2015 18:31:00 GMT https://community.extremenetworks.com/t5/security/vn-2015-007-logjam/m-p/27823#M53 Weidle__Bert 2015-06-24T18:31:00Z