LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

🗓️ 04 Jun 2015 17:49:02Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 1 Views

Diffie-Hellman TLS flaw downgrades to export-grade keys, enabling passive decryption.

Reporter	Title	Published	Views	Family All 869
IBM Security Bulletins	Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-4000)	15 Jun 201807:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Open SSL affect Power Hardware Management Console (CVE-2015-4000)	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM MQ Light (CVE-2015-4000)	15 Jun 201807:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business (CVE-2015-4000)	16 Jun 201821:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2015-4000)	16 Jun 201813:11	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Diffie-Hellman cipher affects Rational Insight (CVE-2015-4000)	17 Jun 201805:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)	8 Sep 202200:09	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SPSS Collaboration and Deployment Services (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808, CVE-2015-4000)	16 Jun 201813:15	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Business Intelligence (CVE-2015-4000)	15 Jun 201823:13	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Sterling Connect:Express for UNIX (CVE-2015-4000, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)	24 Jul 202022:49	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6	ppc	openssl	0:1.0.1e-30.el6_6.9	openssl-0:1.0.1e-30.el6_6.9.ppc.rpm
Red Hat Enterprise Linux	6	ppc64	openssl	0:1.0.1e-30.el6_6.9	openssl-0:1.0.1e-30.el6_6.9.ppc64.rpm
Red Hat Enterprise Linux	6	s390	openssl	0:1.0.1e-30.el6_6.9	openssl-0:1.0.1e-30.el6_6.9.s390.rpm
Red Hat Enterprise Linux	6	s390x	openssl	0:1.0.1e-30.el6_6.9	openssl-0:1.0.1e-30.el6_6.9.s390x.rpm
Red Hat Enterprise Linux	6	x86_64	openssl	0:1.0.1e-30.el6_6.9	openssl-0:1.0.1e-30.el6_6.9.x86_64.rpm
Red Hat Enterprise Linux	6	any	openssl	0:1.0.1e-30.el6_6.9.i686	openssl-0:1.0.1e-30.el6_6.9.i686.noarch.rpm
Red Hat Enterprise Linux	7	ppc64le	openssl	1:1.0.1e-42.ael7b_1.6	openssl-1:1.0.1e-42.ael7b_1.6.ppc64le.rpm
Red Hat Enterprise Linux	7	ppc64	openssl	1:1.0.1e-42.el7_1.6	openssl-1:1.0.1e-42.el7_1.6.ppc64.rpm
Red Hat Enterprise Linux	7	s390x	openssl	1:1.0.1e-42.el7_1.6	openssl-1:1.0.1e-42.el7_1.6.s390x.rpm
Red Hat Enterprise Linux	7	x86_64	openssl	1:1.0.1e-42.el7_1.6	openssl-1:1.0.1e-42.el7_1.6.x86_64.rpm

Source	Link
access	www.access.redhat.com/articles/1456263
access	www.access.redhat.com/security/cve/CVE-2015-4000
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-4000
weakdh	www.weakdh.org/
cve	www.cve.org/CVERecord

27 May 2026 17:14Current

6.6Medium risk

Vulners AI Score6.6

CVSS 33.7

CVSS 24.3

CVSS 3.13.7

EPSS0.9986

SSVC

transport layer security diffie helman export grade downgrade attack man in middle precomputation