SSL-TLS LogJam Vulnerability
High Log Correlation Engine Plugin ID 801945
SynopsisServers using Diffie-Hellman key exchanges via SSL or TLS that include the export option are vulnerable to a man in the middle attack.
DescriptionThe Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection.
SolutionDisable export cipher suites, and instead deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE).