Still have questions?
- Contact our Support team.
The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability and attacks a Diffie-Hellman key exchange rather than an RSA key exchange. The attack affects any server that supports
DHE_EXPORT ciphers and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable.
The VersionOne application application was not impacted as the DHE_EXPORT or EXP-EDH ciphers are disabled. We have also tested each web server by using the Qualsys SSL Server Test. All servers are safe from the Logjam Attack Vulnerability.