Описание
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| esm-infra-legacy/trusty | not-affected | 2.4.7-1ubuntu4.4 |
| esm-infra/bionic | not-affected | |
| esm-infra/xenial | not-affected | |
| precise | released | 2.2.22-1ubuntu1.9 |
| precise/esm | not-affected | 2.2.22-1ubuntu1.9 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 39.0+build5-0ubuntu1 |
| bionic | released | 39.0+build5-0ubuntu1 |
| cosmic | released | 39.0+build5-0ubuntu1 |
| devel | released | 39.0+build5-0ubuntu1 |
| disco | released | 39.0+build5-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [39.0+build5-0ubuntu0.14.04.1]] |
| precise | released | 39.0+build5-0ubuntu0.12.04.2 |
| precise/esm | DNE | precise was released [39.0+build5-0ubuntu0.12.04.2] |
| trusty | released | 39.0+build5-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [39.0+build5-0ubuntu0.14.04.1] |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | not-affected | |
| precise | not-affected | |
| precise/esm | not-affected | |
| trusty | not-affected | |
| trusty/esm | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| esm-infra/bionic | not-affected | |
| esm-infra/xenial | not-affected | |
| precise | not-affected | |
| precise/esm | DNE | precise was not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2:3.19.2-1ubuntu1 |
| bionic | released | 2:3.19.2-1ubuntu1 |
| cosmic | released | 2:3.19.2-1ubuntu1 |
| devel | released | 2:3.19.2-1ubuntu1 |
| disco | released | 2:3.19.2-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2:3.19.2-0ubuntu0.14.04.1 |
| esm-infra/bionic | not-affected | 2:3.19.2-1ubuntu1 |
| esm-infra/xenial | not-affected | 2:3.19.2-1ubuntu1 |
| precise | released | 3.19.2-0ubuntu0.12.04.1 |
| precise/esm | not-affected | 3.19.2-0ubuntu0.12.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [6b36-1.13.8-0ubuntu1~14.04]] |
| precise | released | 6b36-1.13.8-0ubuntu1~12.04 |
| precise/esm | DNE | precise was released [6b36-1.13.8-0ubuntu1~12.04] |
| trusty | released | 6b36-1.13.8-0ubuntu1~14.04 |
| trusty/esm | DNE | trusty was released [6b36-1.13.8-0ubuntu1~14.04] |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [7u79-2.5.6-0ubuntu1.14.04.1]] |
| precise | released | 7u79-2.5.6-0ubuntu1.12.04.1 |
| precise/esm | DNE | precise was released [7u79-2.5.6-0ubuntu1.12.04.1] |
| trusty | released | 7u79-2.5.6-0ubuntu1.14.04.1 |
| trusty/esm | DNE | trusty was released [7u79-2.5.6-0ubuntu1.14.04.1] |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 8u66-b17-1 |
| bionic | not-affected | 8u66-b17-1 |
| cosmic | not-affected | 8u66-b17-1 |
| devel | not-affected | 8u66-b17-1 |
| disco | not-affected | 8u66-b17-1 |
| esm-apps/bionic | not-affected | 8u66-b17-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 8u66-b17-1 |
| precise | DNE | |
| precise/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.0.2a-1ubuntu1 |
| bionic | not-affected | 1.0.2a-1ubuntu1 |
| cosmic | not-affected | 1.0.2a-1ubuntu1 |
| devel | not-affected | 1.0.2a-1ubuntu1 |
| disco | not-affected | 1.0.2a-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 1.0.1f-1ubuntu2.12 |
| esm-infra/bionic | not-affected | 1.0.2a-1ubuntu1 |
| esm-infra/xenial | not-affected | 1.0.2a-1ubuntu1 |
| precise | released | 1.0.1-4ubuntu5.28 |
| precise/esm | not-affected | 1.0.1-4ubuntu5.28 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1:31.8.0+build1-0ubuntu1 |
| bionic | released | 1:31.8.0+build1-0ubuntu1 |
| cosmic | released | 1:31.8.0+build1-0ubuntu1 |
| devel | released | 1:31.8.0+build1-0ubuntu1 |
| disco | released | 1:31.8.0+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:31.8.0+build1-0ubuntu0.14.04.1]] |
| precise | released | 1:31.8.0+build1-0ubuntu0.12.04.1 |
| precise/esm | DNE | precise was released [1:31.8.0+build1-0ubuntu0.12.04.1] |
| trusty | released | 1:31.8.0+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:31.8.0+build1-0ubuntu0.14.04.1] |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
3.7 Low
CVSS3
Связанные уязвимости
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ena ...
EPSS
4.3 Medium
CVSS2
3.7 Low
CVSS3