Logjam attack vulnerability in the Network Security Services (NSS) in Mozilla products or openssl by leveraging weak keyID: oval:org.secpod.oval:def:25642 | Date: (C)2015-08-06 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
The host is installed with OpenSSL 1.0.1 before 1.0.1n or 1.0.2 before 1.0.2b, Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a logjam attack vulnerability. A flaw is present in the applications, which fail to handle a weak key. Successful exploitation could allow man-in-the-middle (MITM) attackers to force a server to downgrade TLS connections to 512-bit export-grade cryptography by modifying client requests to include only export-grade cipher suites.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2016 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Product: |
Mozilla Thunderbird |
Mozilla Firefox ESR |
Mozilla Firefox |
OpenSSL |