CVE-2015-4000

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

References

https://weakdh.org/imperfect-forward-secrecy.pdf

https://weakdh.org/

https://www.suse.com/security/cve/CVE-2015-4000.html

https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/

https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/

http://openwall.com/lists/oss-security/2015/05/20/8

http://www.securityfocus.com/bid/74733

https://www.openssl.org/news/secadv_20150611.txt

http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html

http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html

http://support.apple.com/kb/HT204941

http://support.apple.com/kb/HT204942

http://www.mozilla.org/security/announce/2015/mfsa2015-70.html

https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes

https://bugzilla.mozilla.org/show_bug.cgi?id=1138554

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securitytracker.com/id/1033064

http://www-01.ibm.com/support/docview.wss?uid=swg21962455

http://www.debian.org/security/2015/dsa-3324

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html

http://www.ubuntu.com/usn/USN-2673-1

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html

http://marc.info/?l=bugtraq&m=143880121627664&w=2

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722

http://www.securityfocus.com/bid/91787

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763

http://marc.info/?l=bugtraq&m=145409266329539&w=2

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527

http://marc.info/?l=bugtraq&m=144060576831314&w=2

http://marc.info/?l=bugtraq&m=144069189622016&w=2

http://marc.info/?l=bugtraq&m=144493176821532&w=2

http://marc.info/?l=bugtraq&m=143637549705650&w=2

http://marc.info/?l=bugtraq&m=144061542602287&w=2

http://marc.info/?l=bugtraq&m=143557934009303&w=2

http://marc.info/?l=bugtraq&m=143628304012255&w=2

http://marc.info/?l=bugtraq&m=144104533800819&w=2

http://marc.info/?l=bugtraq&m=144060606031437&w=2

http://marc.info/?l=bugtraq&m=143558092609708&w=2

http://marc.info/?l=bugtraq&m=143655800220052&w=2

http://marc.info/?l=bugtraq&m=143506486712441&w=2

http://marc.info/?l=bugtraq&m=144102017024820&w=2

http://marc.info/?l=bugtraq&m=144043644216842&w=2

http://marc.info/?l=bugtraq&m=144050121701297&w=2

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

https://openssl.org/news/secadv/20150611.txt

https://security.gentoo.org/glsa/201603-11

http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html

http://www.securitytracker.com/id/1034884

http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778

http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929

http://www-304.ibm.com/support/docview.wss?uid=swg21967893

https://security.gentoo.org/glsa/201512-10

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html

http://www.securitytracker.com/id/1034728

http://www.securitytracker.com/id/1034087

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html

http://www.securitytracker.com/id/1033991

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html

http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html

http://www-304.ibm.com/support/docview.wss?uid=swg21960041

https://bto.bluecoat.com/security-advisory/sa98

http://www.securitytracker.com/id/1033760

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html

https://security.gentoo.org/glsa/201506-02

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140

http://www-01.ibm.com/support/docview.wss?uid=swg21959111

http://www.securitytracker.com/id/1033513

http://www.securitytracker.com/id/1033433

http://www.securitytracker.com/id/1033430

http://www.securitytracker.com/id/1033416

http://www.securitytracker.com/id/1033385

http://www.fortiguard.com/advisory/2015-05-20-logjam-attack

http://support.citrix.com/article/CTX201114

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241

http://www-304.ibm.com/support/docview.wss?uid=swg21962816

http://www-01.ibm.com/support/docview.wss?uid=swg21962739

http://www-01.ibm.com/support/docview.wss?uid=swg21960191

http://www.ubuntu.com/usn/USN-2706-1

http://www.ubuntu.com/usn/USN-2696-1

http://www.securitytracker.com/id/1033891

http://www.securitytracker.com/id/1033341

http://www.securitytracker.com/id/1033222

http://www.securitytracker.com/id/1033210

http://www.securitytracker.com/id/1033209

http://www.securitytracker.com/id/1033208

http://www.debian.org/security/2015/dsa-3339

http://rhn.redhat.com/errata/RHSA-2015-1526.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc

http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc

https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403

https://www-304.ibm.com/support/docview.wss?uid=swg21959745

https://kc.mcafee.com/corporate/index?page=content&id=SB10122

http://www-304.ibm.com/support/docview.wss?uid=swg21960418

http://www-304.ibm.com/support/docview.wss?uid=swg21960380

http://www-304.ibm.com/support/docview.wss?uid=swg21960194

http://www-304.ibm.com/support/docview.wss?uid=swg21959132

http://www-304.ibm.com/support/docview.wss?uid=swg21958984

http://www-01.ibm.com/support/docview.wss?uid=swg21961717

http://www-01.ibm.com/support/docview.wss?uid=swg21959812

http://www-01.ibm.com/support/docview.wss?uid=swg21959636

http://www-01.ibm.com/support/docview.wss?uid=swg21959539

http://www-01.ibm.com/support/docview.wss?uid=swg21959530

http://www-01.ibm.com/support/docview.wss?uid=swg21959517

http://www-01.ibm.com/support/docview.wss?uid=swg21959481

http://www-01.ibm.com/support/docview.wss?uid=swg21959453

http://www-01.ibm.com/support/docview.wss?uid=swg21959325

http://www-01.ibm.com/support/docview.wss?uid=swg21959195

http://www.ubuntu.com/usn/USN-2656-2

http://www.ubuntu.com/usn/USN-2656-1

http://www.securitytracker.com/id/1032884

http://www.securitytracker.com/id/1032871

http://www.securitytracker.com/id/1032865

http://www.securitytracker.com/id/1032864

http://www.securitytracker.com/id/1032856

http://www.securitytracker.com/id/1032784

http://www.securitytracker.com/id/1032783

http://www.securitytracker.com/id/1032778

http://www.securitytracker.com/id/1032777

http://www.securitytracker.com/id/1032759

http://www.securitytracker.com/id/1032727

http://www.securitytracker.com/id/1032702

http://www.securitytracker.com/id/1032699

http://www.securitytracker.com/id/1032688

http://www.securitytracker.com/id/1032656

http://www.securitytracker.com/id/1032655

http://www.securitytracker.com/id/1032654

http://www.securitytracker.com/id/1032653

http://www.securitytracker.com/id/1032652

http://www.securitytracker.com/id/1032651

http://www.securitytracker.com/id/1032650

http://www.securitytracker.com/id/1032649

http://www.securitytracker.com/id/1032648

http://www.securitytracker.com/id/1032647

http://www.securitytracker.com/id/1032645

http://www.securitytracker.com/id/1032637

http://www.debian.org/security/2015/dsa-3300

http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html

http://www.securitytracker.com/id/1032476

http://www.securitytracker.com/id/1032475

http://www.securitytracker.com/id/1032474

http://www.debian.org/security/2015/dsa-3287

http://rhn.redhat.com/errata/RHSA-2015-1197.html

http://rhn.redhat.com/errata/RHSA-2015-1072.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681

https://security.gentoo.org/glsa/201701-46

http://www.securitytracker.com/id/1036218

http://www.securitytracker.com/id/1033067

http://www.securitytracker.com/id/1033065

http://www.securitytracker.com/id/1033019

http://www.securitytracker.com/id/1032960

http://www.securitytracker.com/id/1032932

http://www.securitytracker.com/id/1032910

http://www.debian.org/security/2016/dsa-3688

http://www.debian.org/security/2015/dsa-3316

https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196

https://security.netapp.com/advisory/ntap-20150619-0001/

https://support.citrix.com/article/CTX216642

https://puppet.com/security/cve/CVE-2015-4000

http://rhn.redhat.com/errata/RHSA-2016-2056.html

http://rhn.redhat.com/errata/RHSA-2016-1624.html

http://rhn.redhat.com/errata/RHSA-2015-1604.html

http://rhn.redhat.com/errata/RHSA-2015-1544.html

http://rhn.redhat.com/errata/RHSA-2015-1488.html

http://rhn.redhat.com/errata/RHSA-2015-1486.html

http://rhn.redhat.com/errata/RHSA-2015-1485.html

http://rhn.redhat.com/errata/RHSA-2015-1243.html

http://rhn.redhat.com/errata/RHSA-2015-1242.html

http://rhn.redhat.com/errata/RHSA-2015-1241.html

http://rhn.redhat.com/errata/RHSA-2015-1230.html

http://rhn.redhat.com/errata/RHSA-2015-1229.html

http://rhn.redhat.com/errata/RHSA-2015-1228.html

http://rhn.redhat.com/errata/RHSA-2015-1185.html

http://www.securitytracker.com/id/1040630

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

https://www.oracle.com/security-alerts/cpujan2021.html

Details

Source: MITRE

Published: 2015-05-21

Updated: 2021-07-23

Type: CWE-310

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Impact Score: 1.4

Exploitability Score: 2.2

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.0.1 to 1.0.1m (inclusive)

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.0.2 to 1.0.2a (inclusive)

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 3

AND

OR

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*

Configuration 5

OR

cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 7

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_95:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_80:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*

Configuration 8

OR

cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*

Configuration 9

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.10.3 (inclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to 8.3 (inclusive)

Configuration 10

OR

cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*

Configuration 11

OR

cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:* versions up to 1121 (inclusive)

Configuration 12

OR

cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Configuration 13

OR

cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*

cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*

Tenable Plugins

View all (169 total)

IDNameProductFamilySeverity
145225Oracle Enterprise Manager Ops Center (Jan 2021 CPU)NessusMisc.
critical
141914IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.7 LogJam (CVE-2015-4000)NessusWeb Servers
low
132178EulerOS 2.0 SP3 : openssl098e (EulerOS-SA-2019-2643)NessusHuawei Local Security Checks
high
131662EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-2509)NessusHuawei Local Security Checks
high
125001EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)NessusHuawei Local Security Checks
high
700651Oracle Java SE Multiple 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)Nessus Network MonitorWeb Clients
critical
119969SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1345-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
110640SUSE SLES11 Security Update : nagios-nrpe (SUSE-SU-2018:1768-1) (Logjam)NessusSuSE Local Security Checks
low
106495pfSense < 2.2.3 Multiple Vulnerabilities (SA-15_07) (Logjam)NessusFirewalls
critical
106459Weak DH Key Exchange Supported (PCI DSS)NessusGeneral
low
96643GLSA-201701-46 : Mozilla Network Security Service (NSS): Multiple vulnerabilities (Logjam) (SLOTH)NessusGentoo Local Security Checks
high
93871Debian DSA-3688-1 : nss - security update (Logjam) (SLOTH)NessusDebian Local Security Checks
critical
93733SUSE SLES11 Security Update : libtcnative-1-0 (SUSE-SU-2016:2385-1) (Logjam)NessusSuSE Local Security Checks
low
93392openSUSE Security Update : libtcnative-1-0 (openSUSE-2016-1064) (Logjam)NessusSuSE Local Security Checks
low
93314SUSE SLES12 Security Update : libtcnative-1-0 (SUSE-SU-2016:2209-1) (Logjam)NessusSuSE Local Security Checks
low
93157SUSE SLES11 Security Update : mysql (SUSE-SU-2016:1618-1) (Logjam)NessusSuSE Local Security Checks
low
91779Juniper Junos Space < 15.1R2 Multiple Vulnerabilities (JSA10727) (Bar Mitzvah) (Logjam)NessusJunos Local Security Checks
high
91505Debian DLA-507-1 : nss security update (Logjam)NessusDebian Local Security Checks
low
91427Cisco ACE 4710 Appliance / ACE30 Module Multiple Vulnerabilities (Logjam)NessusCISCO
high
91379GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)NessusGentoo Local Security Checks
critical
91123SolarWinds Storage Resource Monitor Profiler < 6.2.3 Multiple Vulnerabilities (Logjam) (POODLE)NessusWindows
critical
90150HP System Management Homepage < 7.5.4 Multiple Vulnerabilities (Logjam)NessusWeb Servers
critical
89904GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)NessusGentoo Local Security Checks
low
89829AIX OpenSSL Advisory : openssl_advisory17.asc (Logjam)NessusAIX Local Security Checks
medium
88824openSUSE Security Update : socat (openSUSE-2016-218) (Logjam)NessusSuSE Local Security Checks
low
88775openSUSE Security Update : socat (openSUSE-2016-215) (Logjam)NessusSuSE Local Security Checks
low
88535openSUSE Security Update : openldap2 (openSUSE-2016-104) (Logjam)NessusSuSE Local Security Checks
low
88534openSUSE Security Update : openldap2 (openSUSE-2016-102) (Logjam)NessusSuSE Local Security Checks
low
88530OpenSSL 1.0.2 < 1.0.2f Multiple Vulnerabilities (Logjam)NessusWeb Servers
low
88529OpenSSL 1.0.1 < 1.0.1r Multiple Vulnerabilities (Logjam)NessusWeb Servers
low
88176SUSE SLED12 / SLES12 Security Update : openldap2 (SUSE-SU-2016:0224-1) (Logjam)NessusSuSE Local Security Checks
low
88165openSUSE Security Update : openldap2 (openSUSE-2016-92) (Logjam)NessusSuSE Local Security Checks
low
88049Oracle Secure Global Desktop Multiple Vulnerabilities (January 2016 CPU) (Logjam)NessusMisc.
medium
87765IBM DB2 10.5 < Fix Pack 7 Multiple Vulnerabilities (Bar Mitzvah) (FREAK) (Logjam)NessusWindows
high
87764IBM DB2 10.5 < Fix Pack 7 Multiple Vulnerabilities (Linux) (Bar Mitzvah) (FREAK) (Logjam)NessusDatabases
high
87710GLSA-201512-10 : Mozilla Products: Multiple vulnerabilities (Bar Mitzvah) (Logjam)NessusGentoo Local Security Checks
critical
87326Xerox WorkCentre 4260 / 4265 Multiple Vulnerabilities (XRX15AV) (FREAK) (Logjam)NessusMisc.
medium
86703SUSE SLES12 Security Update : apache2 (SUSE-SU-2015:1851-1) (Logjam)NessusSuSE Local Security Checks
low
86695SUSE SLES11 Security Update : openssh (SUSE-SU-2015:1840-1) (Logjam)NessusSuSE Local Security Checks
low
8977Apple iOS < 8.4 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
high
8801Mac OS X < 10.10.4 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
86339SUSE SLED11 / SLES11 Security Update : openssh (SUSE-SU-2015:1695-1) (Logjam)NessusSuSE Local Security Checks
low
86328SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam)NessusMisc.
low
86285openSUSE Security Update : apache2 (openSUSE-2015-635) (Logjam)NessusSuSE Local Security Checks
low
8879Mozilla Thunderbird < 38.1 Multiple Vulnerabilities (Logjam)Nessus Network MonitorSMTP Clients
critical
86057SUSE SLED11 / SLES11 Security Update : openssh (SUSE-SU-2015:1581-1) (Logjam)NessusSuSE Local Security Checks
low
85951F5 Networks BIG-IP : TLS vulnerability (K16674) (Logjam)NessusF5 Networks Local Security Checks
low
85941SUSE SLED11 Security Update : openssh (SUSE-SU-2015:1547-2) (Logjam)NessusSuSE Local Security Checks
low
85929SUSE SLES11 Security Update : openssh (SUSE-SU-2015:1547-1) (Logjam)NessusSuSE Local Security Checks
low
85928SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2015:1544-1) (Logjam)NessusSuSE Local Security Checks
low
85905SUSE SLED11 / SLES11 Security Update : gnutls (SUSE-SU-2015:1526-1) (Logjam)NessusSuSE Local Security Checks
low
8855Mozilla Firefox < 39.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
85869SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1509-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85795SUSE SLED11 / SLES11 Security Update : Recommended update for openldap2 (SUSE-SU-2015:1482-1) (Logjam)NessusSuSE Local Security Checks
low
85721SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2015:1449-1) (Logjam)NessusSuSE Local Security Checks
low
85695Debian DLA-303-1 : openjdk-6 security update (Bar Mitzvah) (Logjam)NessusDebian Local Security Checks
low
85631Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2015-586) (Bar Mitzvah) (Logjam)NessusAmazon Linux Local Security Checks
low
85588Debian DSA-3339-1 : openjdk-6 - security update (Bar Mitzvah) (Logjam)NessusDebian Local Security Checks
low
85515AIX 5.3 TL 12 : sendmail (IV75967) (Logjam)NessusAIX Local Security Checks
low
85447AIX Java Advisory : java_july2015_advisory.asc (Logjam)NessusAIX Local Security Checks
critical
85379SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1375-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85373RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1604) (Logjam)NessusRed Hat Local Security Checks
low
85304AIX 7.1 TL 3 : sendmail (IV75646) (Logjam)NessusAIX Local Security Checks
low
85303AIX 7.1 TL 2 : sendmail (IV75645) (Logjam)NessusAIX Local Security Checks
low
85302AIX 6.1 TL 8 : sendmail (IV75644) (Logjam)NessusAIX Local Security Checks
low
85301AIX 6.1 TL 9 : sendmail (IV75643) (Logjam)NessusAIX Local Security Checks
low
85265Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2706-1) (Bar Mitzvah) (Logjam)NessusUbuntu Local Security Checks
low
85238RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1544) (Logjam)NessusRed Hat Local Security Checks
low
85214SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1331-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85213SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1329-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85212Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20150730) (Bar Mitzvah) (Logjam)NessusScientific Linux Local Security Checks
low
85163Debian DSA-3324-1 : icedove - security update (Logjam)NessusDebian Local Security Checks
low
85154Ubuntu 14.04 LTS / 15.04 : openjdk-7 vulnerabilities (USN-2696-1) (Bar Mitzvah) (Logjam)NessusUbuntu Local Security Checks
low
85153SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1320-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85152SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1319-1) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85149RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2015:1526) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
low
85137Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2015-1526) (Bar Mitzvah) (Logjam)NessusOracle Linux Local Security Checks
low
85127CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2015:1526) (Bar Mitzvah) (Logjam)NessusCentOS Local Security Checks
low
85031Debian DSA-3316-1 : openjdk-7 - security update (Bar Mitzvah) (Logjam)NessusDebian Local Security Checks
low
85002openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-512) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
85001openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2015-511) (Bar Mitzvah) (Logjam)NessusSuSE Local Security Checks
low
84998openSUSE Security Update : libressl (openSUSE-2015-507) (Logjam)NessusSuSE Local Security Checks
high
84978RHEL 5 : java-1.7.0-ibm (RHSA-2015:1488) (Logjam)NessusRed Hat Local Security Checks
low
84960Puppet Enterprise 3.x < 3.8.1 Multiple Vulnerabilities (Logjam)NessusCGI abuses
critical
84956RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1486) (Logjam)NessusRed Hat Local Security Checks
low
84955RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1485) (Logjam)NessusRed Hat Local Security Checks
low
84931Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2015-571) (Bar Mitzvah) (Logjam)NessusAmazon Linux Local Security Checks
medium
84930Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2015-570) (Bar Mitzvah) (Logjam)NessusAmazon Linux Local Security Checks
low
84929Amazon Linux AMI : nss / nss-util (ALAS-2015-569) (Logjam)NessusAmazon Linux Local Security Checks
low
84900Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : thunderbird vulnerabilities (USN-2673-1) (Logjam)NessusUbuntu Local Security Checks
low
84899SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2015:1269-1)NessusSuSE Local Security Checks
critical
84898SUSE SLED11 / SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2015:1268-2)NessusSuSE Local Security Checks
critical
84880AIX OpenSSL Advisory : openssl_advisory14.asc (Logjam)NessusAIX Local Security Checks
high
84873RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:1243) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
low
84872RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:1242) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
low
84871RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:1241) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
low
84864openSUSE Security Update : MozillaThunderbird (openSUSE-2015-495) (Logjam)NessusSuSE Local Security Checks
low
84825Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Unix) (Bar Mitzvah)NessusMisc.
critical
84824Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)NessusWindows
critical
84817Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2015-1230) (Bar Mitzvah) (Logjam)NessusOracle Linux Local Security Checks
low
84808Oracle JRockit R28 < R28.3.7 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah) (Logjam)NessusWindows
high
84794Ubuntu 12.04 LTS : firefox vulnerabilities (USN-2656-2) (Logjam)NessusUbuntu Local Security Checks
low
84793Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20150715) (Bar Mitzvah) (Logjam)NessusScientific Linux Local Security Checks
medium
84792Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/x86_64 (20150715) (Bar Mitzvah) (Logjam)NessusScientific Linux Local Security Checks
low
84791Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20150715) (Bar Mitzvah) (Logjam)NessusScientific Linux Local Security Checks
low
84789RHEL 5 : java-1.7.0-openjdk (RHSA-2015:1230) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
low
84788RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2015:1229) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
low
84787RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2015:1228) (Bar Mitzvah) (Logjam)NessusRed Hat Local Security Checks
medium
84785Oracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2015-1229) (Bar Mitzvah) (Logjam)NessusOracle Linux Local Security Checks
low
84784Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2015-1228) (Bar Mitzvah) (Logjam)NessusOracle Linux Local Security Checks
medium
84780FreeBSD : mozilla -- multiple vulnerabilities (44d9daee-940c-4179-86bb-6e3ffd617869) (Logjam)NessusFreeBSD Local Security Checks
low
84772CentOS 5 : java-1.7.0-openjdk (CESA-2015:1230) (Bar Mitzvah) (Logjam)NessusCentOS Local Security Checks
low
84771CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2015:1229) (Bar Mitzvah) (Logjam)NessusCentOS Local Security Checks
low
84770CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2015:1228) (Bar Mitzvah) (Logjam)NessusCentOS Local Security Checks
medium
84723SUSE SLES11 Security Update : MySQL (SUSE-SU-2015:1177-2) (Logjam)NessusSuSE Local Security Checks
low
84720openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2015-480) (Logjam)NessusSuSE Local Security Checks
low
84664Ubuntu 14.04 LTS / 14.10 / 15.04 : firefox vulnerabilities (USN-2656-1) (Logjam)NessusUbuntu Local Security Checks
low
84658openSUSE Security Update : MariaDB (openSUSE-2015-479) (BACKRONYM) (Logjam)NessusSuSE Local Security Checks
high
84630openSUSE Security Update : mysql-community-server (openSUSE-2015-474) (Logjam)NessusSuSE Local Security Checks
low
84582Mozilla Thunderbird < 38.1 Multiple Vulnerabilities (Logjam)NessusWindows
critical
84581Firefox < 39.0 Multiple Vulnerabilities (Logjam)NessusWindows
critical
84580Firefox ESR < 38.1 Multiple Vulnerabilities (Logjam)NessusWindows
critical
84579Firefox ESR < 31.8 Multiple Vulnerabilities (Logjam)NessusWindows
critical
84578Mozilla Thunderbird < 38.1 Multiple Vulnerabilities (Mac OS X) (Logjam)NessusMacOS X Local Security Checks
critical
84577Firefox < 39.0 Multiple Vulnerabilities (Mac OS X) (Logjam)NessusMacOS X Local Security Checks
critical
84576Firefox ESR < 38.1 Multiple Vulnerabilities (Mac OS X) (Logjam)NessusMacOS X Local Security Checks
critical
84575Firefox ESR < 31.8 Multiple Vulnerabilities (Mac OS X) (Logjam)NessusMacOS X Local Security Checks
critical
84561SUSE SLES11 Security Update : OpenSSL (SUSE-SU-2015:1184-2) (Logjam)NessusSuSE Local Security Checks
high
84560SUSE SLED11 / SLES10 Security Update : OpenSSL (SUSE-SU-2015:1183-2) (Logjam)NessusSuSE Local Security Checks
high
84559SUSE SLED11 / SLES11 Security Update : OpenSSL (SUSE-SU-2015:1182-2) (Logjam)NessusSuSE Local Security Checks
high
84558SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2015:1181-2) (Logjam)NessusSuSE Local Security Checks
high
84548SUSE SLES11 Security Update : OpenSSL (SUSE-SU-2015:1184-1) (Logjam)NessusSuSE Local Security Checks
high
84546SUSE SLED11 / SLES11 Security Update : MySQL (SUSE-SU-2015:1177-1) (Logjam)NessusSuSE Local Security Checks
low
84542Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (20150630) (Logjam)NessusScientific Linux Local Security Checks
high
84539Scientific Linux Security Update : nss on SL6.x, SL7.x i386/x86_64 (20150625) (Logjam)NessusScientific Linux Local Security Checks
low
84510Debian DSA-3300-1 : iceweasel - security update (Logjam)NessusDebian Local Security Checks
low
84506CentOS 5 : openssl (CESA-2015:1197) (Logjam)NessusCentOS Local Security Checks
high
84490Apple iOS < 8.4 Multiple Vulnerabilities (Logjam)NessusMobile Devices
high
84489Mac OS X Multiple Vulnerabilities (Security Update 2015-005) (GHOST) (Logjam)NessusMacOS X Local Security Checks
critical
84488Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)NessusMacOS X Local Security Checks
critical
84485Oracle Linux 5 : openssl (ELSA-2015-1197) (Logjam)NessusOracle Linux Local Security Checks
high
84467RHEL 5 : openssl (RHSA-2015:1197) (Logjam)NessusRed Hat Local Security Checks
high
84442SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2015:1150-1) (Logjam)NessusSuSE Local Security Checks
high
84426SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:1143-1) (Logjam)NessusSuSE Local Security Checks
high
84417Oracle Linux 6 / 7 : nss (ELSA-2015-1185) (Logjam)NessusOracle Linux Local Security Checks
low
84414openSUSE Security Update : openssl (openSUSE-2015-447) (Logjam)NessusSuSE Local Security Checks
high
84405CentOS 6 / 7 : nss / nss-util (CESA-2015:1185) (Logjam)NessusCentOS Local Security Checks
low
84392RHEL 6 / 7 : nss (RHSA-2015:1185) (Logjam)NessusRed Hat Local Security Checks
low
84330GLSA-201506-02 : OpenSSL: Multiple vulnerabilities (Logjam)NessusGentoo Local Security Checks
high
8790OpenSSL 1.0.1 < 1.0.1n / 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)Nessus Network MonitorWeb Servers
medium
84253Debian DLA-247-1 : openssl security update (Logjam)NessusDebian Local Security Checks
high
84251Amazon Linux AMI : openssl (ALAS-2015-550) (Logjam)NessusAmazon Linux Local Security Checks
high
84174Fedora 20 : nss-3.19.1-1.0.fc20 / nss-softokn-3.19.1-1.0.fc20 / nss-util-3.19.1-1.0.fc20 (2015-9161) (Logjam)NessusFedora Local Security Checks
low
84170Debian DSA-3287-1 : openssl - security update (Logjam)NessusDebian Local Security Checks
high
84154OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)NessusWeb Servers
medium
84153OpenSSL 1.0.1 < 1.0.1n Multiple Vulnerabilities (Logjam)NessusWeb Servers
medium
84133FreeBSD : openssl -- multiple vulnerabilities (8305e215-1080-11e5-8ba2-000c2980a9f3) (Logjam)NessusFreeBSD Local Security Checks
high
84015Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150604) (Logjam)NessusScientific Linux Local Security Checks
low
84005RHEL 6 / 7 : openssl (RHSA-2015:1072) (Logjam)NessusRed Hat Local Security Checks
low
84004OracleVM 3.3 : openssl (OVMSA-2015-0065) (Logjam)NessusOracleVM Local Security Checks
low
84003Oracle Linux 6 / 7 : openssl (ELSA-2015-1072) (Logjam)NessusOracle Linux Local Security Checks
low
83994CentOS 6 / 7 : openssl (CESA-2015:1072) (Logjam)NessusCentOS Local Security Checks
low
83962Fedora 22 : nss-3.19.1-1.0.fc22 / nss-softokn-3.19.1-1.0.fc22 / nss-util-3.19.1-1.0.fc22 (2015-9048) (Logjam)NessusFedora Local Security Checks
low
83937Fedora 21 : nss-3.19.1-1.0.fc21 / nss-softokn-3.19.1-1.0.fc21 / nss-util-3.19.1-1.0.fc21 (2015-9130) (Logjam)NessusFedora Local Security Checks
low
83875SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)NessusMisc.
low
83738SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam)NessusMisc.
low
7169TLS Export-Grade Key Exchange Detection (Client)Nessus Network MonitorGeneric
medium
7168TLS Export-Grade Key Exchange DetectionNessus Network MonitorGeneric
low
801945SSL-TLS LogJam VulnerabilityLog Correlation EngineWeb Servers
high