topic TLS Diffie-Hellman Key Exchange Logjam Vulnerability in Network Security https://community.cisco.com/t5/network-security/tls-diffie-hellman-key-exchange-logjam-vulnerability/m-p/2707294#M918167 <P>We have Cisco Security Manager 4.8 running on Windows Server 2008 R2, recently we have conducted a scan on the server, and the following vulnerability has been reported &nbsp;"TLS Diffie-Hellman Key Exchange Logjam Vulnerability". Note that we have excluded weak ciphers !EXPORT from httpd.conf file and rerun scan but vulnerability still exists.</P><P>&nbsp;</P><P>Is it related to OpenSSL version that comes integrated with CSM? How can this be mitigated?</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 21 Feb 2020 13:30:57 GMT Omar Khouli 2020-02-21T13:30:57Z TLS Diffie-Hellman Key Exchange Logjam Vulnerability https://community.cisco.com/t5/network-security/tls-diffie-hellman-key-exchange-logjam-vulnerability/m-p/2707294#M918167 <P>We have Cisco Security Manager 4.8 running on Windows Server 2008 R2, recently we have conducted a scan on the server, and the following vulnerability has been reported &nbsp;"TLS Diffie-Hellman Key Exchange Logjam Vulnerability". Note that we have excluded weak ciphers !EXPORT from httpd.conf file and rerun scan but vulnerability still exists.</P><P>&nbsp;</P><P>Is it related to OpenSSL version that comes integrated with CSM? How can this be mitigated?</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 21 Feb 2020 13:30:57 GMT https://community.cisco.com/t5/network-security/tls-diffie-hellman-key-exchange-logjam-vulnerability/m-p/2707294#M918167 Omar Khouli 2020-02-21T13:30:57Z I have recently run into what https://community.cisco.com/t5/network-security/tls-diffie-hellman-key-exchange-logjam-vulnerability/m-p/2707295#M918170 <P>I have recently run into what sounds like a similar problem on a different platform. In our case it seems to be an issue about using Diffie-Hellman group 2 which uses 1024 bits. I wonder if that is the case with your platform also.</P><P>&nbsp;</P><P>HTH</P><P>&nbsp;</P><P>Rick</P><P><OBJECT cotype="cs" id="SILOBFWOBJECTID" style="width: 0px; height: 0px; display: block;" type="cosymantecnisbfw"></OBJECT></P> Thu, 16 Jul 2015 15:13:48 GMT https://community.cisco.com/t5/network-security/tls-diffie-hellman-key-exchange-logjam-vulnerability/m-p/2707295#M918170 Richard Burts 2015-07-16T15:13:48Z