New Logjam Attack

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
1 accepted solution

Accepted Solutions

We have signature for CVE-2015-4000. The threat ID number is 37756 (Export Diffie-Hellman Cipher Suite Found). This was released with the content update 502. 

The attack is only effective when DHE_EXPORT cipher suite is effective. 

PAN-OS doesn't use DHE_EXPORT. So PAN-OS is not vulnerable to this CVE.

View solution in original post

4 REPLIES 4

L0 Member

Palo Alto is Aware of this , Engineering is researching on this and once there is an update it will be provided publicly .

how about a threat signature update to alert on logjam attempts... <queue jeopardy music>

We have signature for CVE-2015-4000. The threat ID number is 37756 (Export Diffie-Hellman Cipher Suite Found). This was released with the content update 502. 

The attack is only effective when DHE_EXPORT cipher suite is effective. 

PAN-OS doesn't use DHE_EXPORT. So PAN-OS is not vulnerable to this CVE.

Do you know what method for key exchange else DH to access mgmt web ?

  • 1 accepted solution
  • 5911 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!