SSL SSLv3 Logjam with CBC Cipher TLS_DHE-DSS-DES40-CBC-SHA (CVE-2015-4000)
Rule ID
1132866
Severity
Low
Description
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE.
Impact
Information disclosure
Recommendation
Update vendor's patch.
IPS Category
Exploits
IPS Anomaly Group
N/A
IPS Rule Default Action
Allow
References
Keywords
N/A
Date Created
2016/08/08
Last Updated
2024/07/23
This website uses cookies to ensure you get the best experience on our website.
Learn more