CVE-2015-4000
Severity: LOW (CVSS 3.1 base score 3.7)
EPSS: 100.0% percentile
Published: May 21, 2015
Last Modified: Jun 17, 2026
Description
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
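The downgrade in the description, worked through as an added example (not code from this page or from any of the vendors referenced below). It models only the fields the attacker touches: the ClientHello cipher_suites vector, the ServerHello suite, and the signed ServerDHParams of the ServerKeyExchange. The DH moduli are constructed sample numbers whose only relevant property is their size, and the Finished exchange is left out. That omission is the caveat a practitioner should keep in mind: because the Finished MAC covers the real handshake transcript, the attacker can only complete the downgraded connection by recovering the 512-bit DH secret fast enough to forge Finished, which is why the weakdh.org paper pairs the rewrite with precomputation against the widely shared 512-bit export primes. The example shows why the rewrite is invisible to an unpatched client, why a minimum DH group size at the client defeats it, and why disabling DHE_EXPORT at the server stops it outright.

```python
"""Logjam (CVE-2015-4000) downgrade, modelled at the level of the handshake
fields the attacker rewrites.  Added example for this page, not code from any
referenced vendor.  Cipher-suite code points are the registered TLS values; the
DH moduli are constructed sample numbers (only their size matters here); the
Finished exchange is not modelled (see the lead-in)."""
import struct

# Registered cipher-suite code points (RFC 5246 / RFC 4346 appendix A.5)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033
TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011
DHE_SUITES = {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA}
DHE_EXPORT_SUITES = {TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA}

# Constructed moduli: 512-bit stands in for an export group, 2048-bit for a strong one.
P_EXPORT = (1 << 511) | 0x1A2B3C4D5E6F
P_STRONG = (1 << 2047) | 0x1A2B3C4D5E6F
G = 2

def encode_suites(suites):
    """ClientHello cipher_suites<2..2^16-2>: 2-byte length, then 2-byte code points."""
    return struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)

def decode_suites(blob):
    (n,) = struct.unpack("!H", blob[:2])
    return [struct.unpack("!H", blob[2 + i:4 + i])[0] for i in range(0, n, 2)]

def encode_dh_params(p, g, ys):
    """ServerDHParams (RFC 5246 7.4.3): dh_p, dh_g, dh_Ys as length-prefixed opaques."""
    out = b""
    for v in (p, g, ys):
        raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out

def decode_dh_params(blob):
    vals, off = [], 0
    for _ in range(3):
        (n,) = struct.unpack("!H", blob[off:off + 2])
        vals.append(int.from_bytes(blob[off + 2:off + 2 + n], "big"))
        off += 2 + n
    return tuple(vals)  # (p, g, Ys)

def server_hello(enabled_suites, client_hello_suites):
    """Pick the first offered suite the server has enabled; return (suite, ServerDHParams).
    A Logjam-era server still enables DHE_EXPORT and serves a 512-bit group for it."""
    for s in decode_suites(client_hello_suites):
        if s in enabled_suites:
            p = P_EXPORT if s in DHE_EXPORT_SUITES else P_STRONG
            return s, encode_dh_params(p, G, pow(G, 0x5EC7E7, p))
    raise ValueError("handshake_failure: no shared cipher suite")

def mitm_downgrade(enabled_suites, client_suites):
    """The rewrite from the CVE text: DHE -> DHE_EXPORT in the ClientHello, then
    DHE_EXPORT -> the offered DHE suite in the ServerHello.  The signed
    ServerKeyExchange passes through untouched: the signature covers p, g and Ys
    but not the cipher suite, so it still verifies at the client."""
    forged = [TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA if s in DHE_SUITES else s for s in client_suites]
    chosen, ske = server_hello(enabled_suites, encode_suites(forged))
    if chosen in DHE_EXPORT_SUITES:
        chosen = next(s for s in client_suites if s in DHE_SUITES)
    return chosen, ske

def client_accepts(chosen, ske, min_dh_bits):
    """Client policy.  A vulnerable client (min_dh_bits=0) only checks that the suite
    is one it offered; nothing ties the prime size to the suite, so a 512-bit group
    under a non-export suite goes through.  Fixed clients enforce a size floor."""
    if chosen in DHE_EXPORT_SUITES:
        return False
    p, _g, _ys = decode_dh_params(ske)
    return p.bit_length() >= min_dh_bits

def run_logjam_demo():
    client = [TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
    unpatched = DHE_SUITES | DHE_EXPORT_SUITES   # export suites still enabled
    patched = set(DHE_SUITES)                     # export suites disabled
    _, honest_ske = server_hello(unpatched, encode_suites(client))
    shown, forged_ske = mitm_downgrade(unpatched, client)
    try:
        mitm_downgrade(patched, client)           # forged hello offers only export suites
        patched_blocks = False
    except ValueError:
        patched_blocks = True
    return {
        "honest_p_bits": decode_dh_params(honest_ske)[0].bit_length(),
        "downgraded_p_bits": decode_dh_params(forged_ske)[0].bit_length(),
        "suite_client_sees": shown,
        "vulnerable_client_accepts": client_accepts(shown, forged_ske, 0),
        "hardened_client_accepts": client_accepts(shown, forged_ske, 1024),
        "patched_server_blocks_downgrade": patched_blocks,
    }

if __name__ == "__main__":
    for key, val in run_logjam_demo().items():
        print(key, hex(val) if key == "suite_client_sees" else val)
```

Run stand-alone, the demo reports a 2048-bit group for the honest handshake, a 512-bit group after the rewrite while the client still sees the AES-256 DHE suite it offered, acceptance by the client with no size floor and rejection by the one with a 1024-bit floor, and a failed handshake when the server no longer has any DHE_EXPORT suite to match the forged ClientHello. The size floor is the client-side fix the referenced OpenSSL and NSS advisories describe; removing the export suites is the server-side one.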
CVSS Details
Base Score: 3.7 (CVSS 3.1)
Exploitability subscore: 2.2 (follows from the vector: 8.22 × 0.85 × 0.44 × 0.85 × 0.85)
Impact subscore: 1.4 (follows from the vector: 6.42 × 0.22)
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None
Threat Intelligence
EPSS exploit probability: 100.0% percentile
Exploit & Patch Status
Exploit status: No Known Exploit
Patch status: Patch Available
Weaknesses 2
CWE-295 Improper Certificate Validation
CWE-310 Cryptographic Issues
Affected Products 42
| Vendor | Product | Version | Range |
|---|---|---|---|
| openssl | openssl | * | ≥1.0.1 – ≤1.0.1m |
| openssl | openssl | * | ≥1.0.2 – ≤1.0.2a |
| canonical | ubuntu_linux | 12.04 | any |
| canonical | ubuntu_linux | 14.04 | any |
| canonical | ubuntu_linux | 14.10 | any |
| canonical | ubuntu_linux | 15.04 | any |
| openssl | openssl | * | ≤1.0.1m |
| hp | hp-ux | b.11.31 | any |
| ibm | content_manager | 8.5 | any |
| oracle | jrockit | r28.3.6 | any |
| debian | debian_linux | 7.0 | any |
| debian | debian_linux | 8.0 | any |
| oracle | jdk | 1.6.0 | any |
| oracle | jdk | 1.7.0 | any |
| oracle | jdk | 1.7.0 | any |
| oracle | jdk | 1.8.0 | any |
| oracle | jdk | 1.8.0 | any |
| oracle | jre | 1.6.0 | any |
| oracle | jre | 1.7.0 | any |
| oracle | jre | 1.7.0 | any |
| oracle | jre | 1.8.0 | any |
| oracle | jre | 1.8.0 | any |
| suse | linux_enterprise_desktop | 12 | any |
| suse | linux_enterprise_server | 11.0 | any |
| suse | linux_enterprise_software_development_kit | 12 | any |
| suse | suse_linux_enterprise_server | 12 | any |
| apple | iphone_os | * | ≤8.3 |
| apple | mac_os_x | * | ≤10.10.3 |
| mozilla | network_security_services | 3.19 | any |
| oracle | sparc-opl_service_processor | * | ≤1121 |
| apple | safari | * | any |
| google | chrome | * | any |
| microsoft | internet_explorer | * | any |
| mozilla | firefox | * | any |
| opera | opera_browser | * | any |
| mozilla | firefox | 38.1.0 | any |
| mozilla | firefox | 39.0 | any |
| mozilla | firefox_esr | 31.8 | any |
| mozilla | seamonkey | 2.35 | any |
| mozilla | thunderbird | 31.8 | any |
| mozilla | thunderbird | 38.1 | any |
| mozilla | firefox_os | 2.2 | any |
References 217
- aix.software.ibm.com http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc
- fortiguard.com http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
- ftp.netbsd.org http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
- h20564.www2.hpe.com http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402
- h20564.www2.hpe.com http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778
- kb.juniper.net http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681
- kb.juniper.net http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
- lists.apple.com http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
- lists.apple.com http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html
- marc.info http://marc.info/?l=bugtraq&m=143506486712441&w=2
- marc.info http://marc.info/?l=bugtraq&m=143557934009303&w=2
- marc.info http://marc.info/?l=bugtraq&m=143558092609708&w=2
- marc.info http://marc.info/?l=bugtraq&m=143628304012255&w=2
- marc.info http://marc.info/?l=bugtraq&m=143637549705650&w=2
- marc.info http://marc.info/?l=bugtraq&m=143655800220052&w=2
- marc.info http://marc.info/?l=bugtraq&m=143880121627664&w=2
- marc.info http://marc.info/?l=bugtraq&m=144043644216842&w=2
- marc.info http://marc.info/?l=bugtraq&m=144050121701297&w=2
- marc.info http://marc.info/?l=bugtraq&m=144060576831314&w=2
- marc.info http://marc.info/?l=bugtraq&m=144060606031437&w=2
- marc.info http://marc.info/?l=bugtraq&m=144061542602287&w=2
- marc.info http://marc.info/?l=bugtraq&m=144069189622016&w=2
- marc.info http://marc.info/?l=bugtraq&m=144102017024820&w=2
- marc.info http://marc.info/?l=bugtraq&m=144104533800819&w=2
- marc.info http://marc.info/?l=bugtraq&m=144493176821532&w=2
- marc.info http://marc.info/?l=bugtraq&m=145409266329539&w=2
- openwall.com http://openwall.com/lists/oss-security/2015/05/20/8
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1072.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1185.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1197.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1228.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1229.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1230.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1241.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1242.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1243.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1485.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1486.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1488.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1526.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1544.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1604.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-1624.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-2056.html
- support.apple.com http://support.apple.com/kb/HT204941
- support.apple.com http://support.apple.com/kb/HT204942
- support.citrix.com http://support.citrix.com/article/CTX201114
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959111
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959195
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959325
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959453
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959481
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959517
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959530
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959539
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959636
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21959812
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21960191
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21961717
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21962455
- www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21962739
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21958984
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21959132
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21960041
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21960194
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21960380
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21960418
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21962816
- www-304.ibm.com http://www-304.ibm.com/support/docview.wss?uid=swg21967893
- debian.org http://www.debian.org/security/2015/dsa-3287
- debian.org http://www.debian.org/security/2015/dsa-3300
- debian.org http://www.debian.org/security/2015/dsa-3316
- debian.org http://www.debian.org/security/2015/dsa-3324
- debian.org http://www.debian.org/security/2015/dsa-3339
- debian.org http://www.debian.org/security/2016/dsa-3688
- fortiguard.com http://www.fortiguard.com/advisory/2015-05-20-logjam-attack
- mozilla.org http://www.mozilla.org/security/announce/2015/mfsa2015-70.html
- oracle.com http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- oracle.com http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- oracle.com http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- oracle.com http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- oracle.com http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- securityfocus.com http://www.securityfocus.com/bid/74733
- securityfocus.com http://www.securityfocus.com/bid/91787
- securitytracker.com http://www.securitytracker.com/id/1032474
- securitytracker.com http://www.securitytracker.com/id/1032475
- securitytracker.com http://www.securitytracker.com/id/1032476
- securitytracker.com http://www.securitytracker.com/id/1032637
- securitytracker.com http://www.securitytracker.com/id/1032645
- securitytracker.com http://www.securitytracker.com/id/1032647
- securitytracker.com http://www.securitytracker.com/id/1032648
- securitytracker.com http://www.securitytracker.com/id/1032649
- securitytracker.com http://www.securitytracker.com/id/1032650
- securitytracker.com http://www.securitytracker.com/id/1032651
- securitytracker.com http://www.securitytracker.com/id/1032652
- securitytracker.com http://www.securitytracker.com/id/1032653
- securitytracker.com http://www.securitytracker.com/id/1032654
- securitytracker.com http://www.securitytracker.com/id/1032655
- securitytracker.com http://www.securitytracker.com/id/1032656
- securitytracker.com http://www.securitytracker.com/id/1032688
- securitytracker.com http://www.securitytracker.com/id/1032699
- securitytracker.com http://www.securitytracker.com/id/1032702
- securitytracker.com http://www.securitytracker.com/id/1032727
- securitytracker.com http://www.securitytracker.com/id/1032759
- securitytracker.com http://www.securitytracker.com/id/1032777
- securitytracker.com http://www.securitytracker.com/id/1032778
- securitytracker.com http://www.securitytracker.com/id/1032783
- securitytracker.com http://www.securitytracker.com/id/1032784
- securitytracker.com http://www.securitytracker.com/id/1032856
- securitytracker.com http://www.securitytracker.com/id/1032864
- securitytracker.com http://www.securitytracker.com/id/1032865
- securitytracker.com http://www.securitytracker.com/id/1032871
- securitytracker.com http://www.securitytracker.com/id/1032884
- securitytracker.com http://www.securitytracker.com/id/1032910
- securitytracker.com http://www.securitytracker.com/id/1032932
- securitytracker.com http://www.securitytracker.com/id/1032960
- securitytracker.com http://www.securitytracker.com/id/1033019
- securitytracker.com http://www.securitytracker.com/id/1033064
- securitytracker.com http://www.securitytracker.com/id/1033065
- securitytracker.com http://www.securitytracker.com/id/1033067
- securitytracker.com http://www.securitytracker.com/id/1033208
- securitytracker.com http://www.securitytracker.com/id/1033209
- securitytracker.com http://www.securitytracker.com/id/1033210
- securitytracker.com http://www.securitytracker.com/id/1033222
- securitytracker.com http://www.securitytracker.com/id/1033341
- securitytracker.com http://www.securitytracker.com/id/1033385
- securitytracker.com http://www.securitytracker.com/id/1033416
- securitytracker.com http://www.securitytracker.com/id/1033430
- securitytracker.com http://www.securitytracker.com/id/1033433
- securitytracker.com http://www.securitytracker.com/id/1033513
- securitytracker.com http://www.securitytracker.com/id/1033760
- securitytracker.com http://www.securitytracker.com/id/1033891
- securitytracker.com http://www.securitytracker.com/id/1033991
- securitytracker.com http://www.securitytracker.com/id/1034087
- securitytracker.com http://www.securitytracker.com/id/1034728
- securitytracker.com http://www.securitytracker.com/id/1034884
- securitytracker.com http://www.securitytracker.com/id/1036218
- securitytracker.com http://www.securitytracker.com/id/1040630
- solarwinds.com http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm
- ubuntu.com http://www.ubuntu.com/usn/USN-2656-1
- ubuntu.com http://www.ubuntu.com/usn/USN-2656-2
- ubuntu.com http://www.ubuntu.com/usn/USN-2673-1
- ubuntu.com http://www.ubuntu.com/usn/USN-2696-1
- ubuntu.com http://www.ubuntu.com/usn/USN-2706-1
- blog.cloudflare.com https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/
- bto.bluecoat.com https://bto.bluecoat.com/security-advisory/sa98
- bugzilla.mozilla.org https://bugzilla.mozilla.org/show_bug.cgi?id=1138554
- cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- developer.mozilla.org https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
- h20564.www2.hp.com https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929
- h20564.www2.hpe.com https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
- h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527
- h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655
- h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
- h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
- h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083
- help.ecostruxureit.com https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10122
- openssl.org https://openssl.org/news/secadv/20150611.txt
- puppet.com https://puppet.com/security/cve/CVE-2015-4000
- security.gentoo.org https://security.gentoo.org/glsa/201506-02
- security.gentoo.org https://security.gentoo.org/glsa/201512-10
- security.gentoo.org https://security.gentoo.org/glsa/201603-11
- security.gentoo.org https://security.gentoo.org/glsa/201701-46
- security.netapp.com https://security.netapp.com/advisory/ntap-20150619-0001/
- support.citrix.com https://support.citrix.com/article/CTX216642
- support.hpe.com https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
- weakdh.org https://weakdh.org/
- weakdh.org https://weakdh.org/imperfect-forward-secrecy.pdf
- www-304.ibm.com https://www-304.ibm.com/support/docview.wss?uid=swg21959745
- www-947.ibm.com https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403
- openssl.org https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
- openssl.org https://www.openssl.org/news/secadv_20150611.txt
- oracle.com https://www.oracle.com/security-alerts/cpujan2021.html
- suse.com https://www.suse.com/security/cve/CVE-2015-4000.html
Remediation
- oracle.com http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- oracle.com http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
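A server-side check to go with the advisories above, added here as an example and not taken from any referenced vendor. It assumes an OpenSSL 1.0.2 or later `openssl s_client` on PATH, which prints a `Server Temp Key:` line for the negotiated key exchange. Current OpenSSL builds no longer include the export suites, so you cannot ask for DHE_EXPORT by name; the check instead forces a DHE-only TLS 1.2 handshake and reads the size of the group the server actually serves. A server that no longer offers any DHE suite fails that handshake, which the check reports as `no-dh`. The 1024-bit floor is an assumption; adjust it to your own policy.

```python
"""Server-side check for the Logjam precondition: does a host still serve a small
ephemeral-DH group?  Added example for this page, not code from any referenced
vendor.  Assumes `openssl s_client` from OpenSSL 1.0.2+ on PATH (it prints a
"Server Temp Key:" line).  Export suites are not compiled into current OpenSSL,
so a server that still enables DHE_EXPORT shows up through the size of the group
it serves, not by suite name."""
import re
import subprocess

MIN_DH_BITS = 1024  # assumption: size floor; adjust to local policy

TEMP_KEY_RE = re.compile(r"^Server Temp Key: DH, (\d+) bits", re.MULTILINE)

def dh_bits_from_sclient(output):
    """DH group size reported by s_client, or None when no finite-field DH was
    negotiated (ECDH/X25519 temp key, or a failed handshake with no such line)."""
    m = TEMP_KEY_RE.search(output)
    return int(m.group(1)) if m else None

def classify(bits):
    if bits is None:
        return "no-dh"
    return "weak" if bits < MIN_DH_BITS else "ok"

def probe(host, port=443, timeout=10):
    """Force a DHE-only TLS 1.2 handshake and report (bits, verdict) for the served group."""
    cmd = ["openssl", "s_client", "-connect", f"{host}:{port}", "-servername", host,
           "-tls1_2", "-cipher", "EDH"]
    proc = subprocess.run(cmd, input=b"", capture_output=True, timeout=timeout)
    bits = dh_bits_from_sclient(proc.stdout.decode(errors="replace"))
    return bits, classify(bits)

if __name__ == "__main__":
    import sys
    for target in sys.argv[1:]:          # usage: python check_dh.py host[:port] ...
        host, _, port = target.partition(":")
        print(target, *probe(host, int(port or 443)))
```

`weak` means the server would hand a client a group the Logjam precomputation targets; `ok` means DHE is served from a group at or above the floor; `no-dh` means the server refused a DHE-only handshake, which is the expected result once export and other finite-field DHE suites have been removed in favour of ECDHE.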