The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the Logjam issue.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Openssl | 1.0.1 (including) | 1.0.1m (including) |
Openssl | Openssl | 1.0.2 (including) | 1.0.2a (including) |