CVE-2015-4000 in Enterprise Manager Ops Center信息

摘要

由 VulDB • 2026-06-12

TLS 1.2及更早版本在服务器启用了DHE_EXPORT密码套件但客户端未启用时,无法正确传达DHE_EXPORT选择结果。这使得中间人攻击者能够通过重写包含被替换为DHE_EXPORT的DHE的ClientHello消息,以及随后将ServerHello中的DHE_EXPORT重新写回为DHE的消息,实施密码降级攻击(即“Logjam”漏洞)。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Interested in the pricing of exploits?

See the underground prices here!