search cancel

Is Messaging Gateway vulnerable to CVE-2015-4000 / "Logjam" Diffie-Helman key exchange weakness

book

Article ID: 161983

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

A vulnerability scan of Messaging Gateway (SMG) states that SMG is vulnerable to CVE-2015-4000 / Logjam

"Logjam" is a weakness with the TLS protocol which may allow an attacker to force a lower level of security for some secured connections that use the Diffie-Hellman key exchange. For a full description of the issue please see https://weakdh.org.

Resolution

Neither the SMG Control Center web interface nor the SMTP TLS communications are affected by the Logjam vulnerability. Neither TLS configurations implement the DHE_EXPORT ciphers which are required by the Logjam vulnerability.