Vulnerability ID | VCID-tpju-q2sh-rbck |
Aliases |
CVE-2015-4000
|
Summary | Security researcher Matthew Green reported a Diffie–Hellman (DHE) key processing issue in Network Security Services (NSS) where a man-in-the-middle (MITM) attacker can force a server to downgrade TLS connections to 512-bit export-grade cryptography by modifying client requests to include only export-grade cipher suites. The resulting weak key can then be leveraged to impersonate the server. This attack is detailed in the "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice" paper and is known as the "Logjam Attack." This issue was fixed in NSS version 3.19.1 by limiting the lower strength of supported DHE keys to 1023-bit primes. |
Status | Published |
Exploitability | 2.0 |
Weighted Severity | 3.6 |
Risk | 7.2 |
Affected and Fixed Packages | Package Details |
System | Score | Found at |
---|---|---|
cvssv3 | 3.7 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json |
epss | 0.93647 | https://api.first.org/data/v1/epss?cve=CVE-2015-4000 |
epss | 0.93905 | https://api.first.org/data/v1/epss?cve=CVE-2015-4000 |
cvssv2 | 7.3 | https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml |
generic_textual | none | https://www.mozilla.org/en-US/security/advisories/mfsa2015-70 |
Data source | Metasploit |
---|---|
Description | Check if a server supports a given version of SSL/TLS and cipher suites. The certificate is stored in loot, and any known vulnerabilities against that SSL version and cipher suite combination are checked. These checks include POODLE, deprecated protocols, expired/not valid certs, low key strength, null cipher suites, certificates signed with MD5, DROWN, RC4 ciphers, exportable ciphers, LOGJAM, and BEAST. |
Note | {} |
Ransomware campaign use | Unknown |
Source publication date | Oct. 14, 2014 |
Source URL | https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl/ssl_version.rb |
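The Summary row describes the two conditions Logjam relies on: a ClientHello rewritten by the MITM to offer only export-grade cipher suites, and a server that then sends a 512-bit DHE prime in its ServerKeyExchange. The Metasploit description above says the scanner flags exportable ciphers and LOGJAM. The block below is an added example, not code from VulnerableCode, Metasploit or NSS: it parses constructed TLS fragments (the cipher_suites vector and the ServerDHParams structure from RFC 5246) and reports whether each condition holds. The cipher suite IDs are from the IANA registry; the 1023-bit threshold is the NSS 3.19.1 minimum stated in the summary; the sample moduli are constructed placeholders, not real primes.

```python
# Added example for the CVE-2015-4000 (Logjam) entry. Not code from
# VulnerableCode, Metasploit or NSS. It checks the two Logjam
# pre-conditions on constructed TLS fragments: an export-only cipher
# suite offer and a short DHE prime in ServerKeyExchange.
import struct

# Export-grade suite IDs from the IANA TLS Cipher Suite registry.
EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x000B: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x000E: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
    0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
}
# Minimum DHE prime size accepted after the NSS 3.19.1 fix (MFSA-2015-70).
NSS_MIN_DHE_PRIME_BITS = 1023


def parse_cipher_suites(vec: bytes) -> list:
    """Decode a ClientHello cipher_suites vector: uint16 length + uint16 IDs."""
    if len(vec) < 2:
        raise ValueError("truncated cipher_suites vector")
    (n,) = struct.unpack_from("!H", vec, 0)
    if n % 2 or 2 + n > len(vec):
        raise ValueError("bad cipher_suites length")
    return list(struct.unpack("!%dH" % (n // 2), vec[2:2 + n]))


def encode_cipher_suites(suites) -> bytes:
    """Inverse of parse_cipher_suites, used to build constructed samples."""
    return struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)


def downgrade_to_export(vec: bytes) -> bytes:
    """The MITM's rewrite from the summary: drop every non-export suite from the offer."""
    kept = [s for s in parse_cipher_suites(vec) if s in EXPORT_SUITES]
    return encode_cipher_suites(kept)


def export_only(vec: bytes) -> bool:
    """True when the offer contains at least one suite and all of them are export-grade."""
    suites = parse_cipher_suites(vec)
    return bool(suites) and all(s in EXPORT_SUITES for s in suites)


def parse_dhe_params(ske_body: bytes):
    """Split a TLS 1.2 DHE ServerKeyExchange body into (p, g, Ys, rest).

    Layout per RFC 5246 section 7.4.3: three opaque<1..2^16-1> vectors
    (dh_p, dh_g, dh_Ys) followed by the signature, returned as `rest`.
    """
    off, fields = 0, []
    for _ in range(3):
        if off + 2 > len(ske_body):
            raise ValueError("truncated ServerDHParams")
        (n,) = struct.unpack_from("!H", ske_body, off)
        off += 2
        if n == 0 or off + n > len(ske_body):
            raise ValueError("bad ServerDHParams vector length")
        fields.append(ske_body[off:off + n])
        off += n
    p, g, ys = fields
    return p, g, ys, ske_body[off:]


def dh_prime_bits(ske_body: bytes) -> int:
    """Bit length of dh_p; leading zero bytes in the vector do not count."""
    p, _, _, _ = parse_dhe_params(ske_body)
    return int.from_bytes(p, "big").bit_length()


def is_logjam_weak(prime_bits: int, min_bits: int = NSS_MIN_DHE_PRIME_BITS) -> bool:
    """A prime shorter than the NSS 3.19.1 minimum would have been accepted by unfixed NSS."""
    return prime_bits < min_bits


def build_dhe_ske(p: int, g: int, ys: int, signature: bytes = b"") -> bytes:
    """Encode ServerDHParams for a constructed sample (values need not be real primes)."""
    def vec(n: int) -> bytes:
        b = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
        return struct.pack("!H", len(b)) + b
    return vec(p) + vec(g) + vec(ys) + signature


if __name__ == "__main__":
    # Constructed offer: two DHE AES suites plus one export suite.
    offer = encode_cipher_suites([0x0033, 0x0039, 0x0014])
    print("client offer export-only:", export_only(offer))
    print("after MITM rewrite export-only:", export_only(downgrade_to_export(offer)))
    # Constructed 512-bit and 2048-bit moduli (placeholders, not real primes).
    for bits in (512, 2048):
        ske = build_dhe_ske((1 << (bits - 1)) | 1, 2, 5)
        n = dh_prime_bits(ske)
        print("DHE prime %d bits -> weak: %s" % (n, is_logjam_weak(n)))
```

If the client's offer contains no export suite at all, `downgrade_to_export` yields an empty vector and `export_only` returns False; that is the mitigation on the client side, since the MITM has nothing left to keep. On the server side, `is_logjam_weak` treats 1023 bits as acceptable because that is the floor the summary gives for NSS 3.19.1; a scanner applying a stricter policy (for example 2048 bits) can pass `min_bits` explicitly.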
Percentile | 0.99838 |
EPSS Score | 0.93647 |
Published At | Aug. 3, 2025, 12:55 p.m. |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
2025-07-31T08:10:51.698500+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-70.md | 37.0.0 |