72 captures
11 Aug 2015 - 11 Jul 2025
Jul AUG Sep
11
2014 2015 2016
success
fail

About this capture

COLLECTED BY

Organization: Internet Archive

The Internet Archive discovers and captures web pages through many different web crawls. At any given time several distinct crawls are running, some for months, and some every day or longer. View the web archive through the Wayback Machine.

Collection: Survey Crawl Number 3 - Started Aug 1st, 2015 - Ended Feb 11th, 2016

The seed for this crawl was a list of every host in the Wayback Machine

This crawl was run at a level 1 (URLs including their embeds, plus the URLs of all outbound links including their embeds)

The WARC files associated with this crawl are not currently available to the general public.

TIMESTAMPS

The Wayback Machine - http://web.archive.org/web/20150811065219/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
  

CVE

The Standard for Information Security Vulnerability Names

CVE-IDs have a new format –**Learn more**
TOTAL CVE-IDs: 70827

Home > CVE > CVE-2015-4000  

Terminology

Documents

FAQs

CVE List

CVE-ID Syntax Change

About CVE Identifiers

Search CVE

Search NVD

Updates & RSS Feeds

Request a CVE-ID

CVE In Use

CVE-Compatible Products

NVD for CVE Fix Information

CVSS for Scoring CVE-IDs

CVE Numbering Authorities (CNAs)

News & Events

Calendar

Free Newsletter

Community

CVE Editorial Board

Sponsor

Contact Us

Search the Site

Site Map

Search Master Copy of CVE

Download CVE

View CVE

CVE-ID Syntax Change

CVE-ID Syntax Compliance

CVE-ID Syntax Guidance

CVE-ID Syntax Test Data

About CVE Identifiers

Data Sources/Product Coverage

Editorial Policies

CVE Editor's Commentary

Reference Key/Maps

Search Tips

Updates & RSS Feeds

Request a CVE Identifier

Items of Interest

Terminology

Common Vulnerability Scoring System (CVSS)

Common Vulnerability Reporting Framework (CVRF)

National Vulnerability Database (NVD)
 
CVE-ID

CVE-2015-4000
Learn more at National Vulnerability Database (NVD)
• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20150515 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20150515)
Votes (Legacy)
Comments (Legacy) 

 

 

  Proposed (Legacy)
 

 

  N/A
 

 

  
  This is an entry on the CVE
  list, which standardizes names for security
  problems.
 

 

  
   


     
   
   


   

You can also search by reference using the CVE Reference Maps.


  		
 

 

  
   For More Information:  cve@mitre.org
  
 








Back to top