[CONTROLLER-1354] [SECURITY] LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks CVE-2015-4000 - OpenDaylight JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Resolution: Done
Affects Version/s: Lithium
Fix Version/s: None
Component/s: karaf
Labels:
None
Environment:

Operating System: All
Platform: All

External issue ID:
3552
Priority:
Normal

Description

Various components of OpenDaylight are affected by the LOGJAM TLS downgrade vulnerability:

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4000

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Ciphers.java
05/Jun/15 10:55 AM
1 kB
Anton Ivanov

Issue Links

blocks

CONTROLLER-1353 [SECURITY] LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks CVE-2015-4000

Resolved

CONTROLLER-1355 [SECURITY] LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks CVE-2015-4000

Resolved

OPNFLWPLUG-485 Address various encryption related CVEs and RFCs

Resolved

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Maros Marsalek

Reporter:: David Jorm

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 03/Jun/15 2:59 AM

Updated:: 15/Jun/15 8:15 AM

Resolved:: 15/Jun/15 8:15 AM