VN-2015-007-LogJam

  • 24 June 2015
  • 0 replies
  • 189 views

Userlevel 2
CVE-2015-4000 "LogJam" issue is due to the TLS protocol 1.2 and earlier not properly conveying a DHE_EXPORT choice when a DHE_EXPORT ciphersuite is enabled on a server but not on a client. This allows man-in-the-middle attackers to conduct cipher-downgrade attacks.

Extreme Networks response to CVE-2015-4000 "LogJam" vulnerability is available at the following url: http://learn.extremenetworks.com/rs/641-VMV-602/images/VN-2015-007_Logjam.pdf

0 replies

Be the first to reply!

Reply