LOGJAM is a security vulnerability against a Diffie-Hellman key exchange using 512 to 1024 bit keys. The attack forces a downgrade on the TLS connection to use only 512 bits which allows to read and inject data into the connection.

Security Assessment

Security Assessment Prevent SSL LOGJAM

CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

LOGJAM is a security vulnerability against a Diffie-Hellman key exchange using 512 to 1024 bit keys. The attack forces a downgrade on the TLS connection to use only 512 bits which allows to read and inject data into the connection. The algorithm uses in most cases the same pre-generated prime numbers which make it way easier (and cheaper) to crack such encryption.

Guides

To prevent LOGJAM, make sure that you do only use strong cypher suites and avoid weak primes. See Secure TLS Configuration for further instructions on configuring these.