CVE-2015-4000

LOW

OpenSSL 1.0.1-1.0.1l - Man-in-the-Middle Cipher Downgrade via DHE_EXPORT

Exploitation Summary

EIP tracks 2 public exploits for CVE-2015-4000. PoCs published by fatlan, todb, et, Chris John Riley, including Metasploit module auxiliary/scanner/ssl/ssl_version.

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

Exploits (2)

nomisec WRITEUP 6 stars
by fatlan · poc
https://github.com/fatlan/HAProxy-Keepalived-Sec-HighLoads

This repository provides a detailed guide for setting up HAProxy and Keepalived for high availability load balancing and failover. It includes configuration steps, SSL setup, and ACL-based routing examples.

Classification: Writeup 100%
Attack Type: Other
Complexity: Moderate
Reliability: Theoretical
Target: HAProxy and Keepalived
No auth needed
Prerequisites: Access to multiple servers · Administrative privileges · Basic understanding of load balancing and failover concepts
devstral-2 · analyzed Feb 16, 2026

metasploit SCANNER
by todb, et, Chris John Riley · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/ssl_version.rb

This Metasploit module scans SSL/TLS services for supported versions and cipher suites, and checks for known vulnerabilities such as POODLE, DROWN, BEAST, and LOGJAM. It does not exploit these vulnerabilities but detects and reports them.

Classification: Scanner 100%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: SSL/TLS services
No auth needed
Prerequisites: Network access to the target SSL/TLS service
devstral-2 · analyzed Jun 17, 2026

Scores

CVSS v3 3.7
EPSS 0.9986
EPSS Percentile 100.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-295 CWE-310
Status published
Products (36)
apple/iphone_os < 8.3
apple/mac_os_x < 10.10.3
apple/safari
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 14.10
canonical/ubuntu_linux 15.04
debian/debian_linux 7.0
debian/debian_linux 8.0
google/chrome
... and 26 more
Published May 21, 2015
Tracked Since Feb 18, 2026