Logjam is a security vulnerability in the Diffie–Hellman key exchange. It affects keys ranging from 512-bit to 1024-bit. It was publicly reported on May 20, 2015, by a group of scientists. This server is vulnerable to the Logjam attack. The vulnerability allows an attacker to downgrade vulnerable TLS connections using a man-in-the-middle (MITM) attack. It also allows the attacker to read and modify any data passed over the connection. The server is vulnerable because it supports DHE_EXPORT ciphers, which can be easily attacked.
Logjam can be executed via two strategies:
This vulnerability can be exploited using a man-in-the-middle (MITM) attack.
Beagle recommends the following:
For Apache, this vulnerability can be fixed by adding the following directive to the SSL configuration file.
SSLCipherSuite !EXPORT
After adding the above directive, restart Apache on the web server.
For nginx, add the following directive to the nginx.conf file.
ssl_ciphers '!EXPORT';
If ssl_ciphers is already configured, add !EXPORT to the existing ssl_ciphers value.
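To confirm the change took effect in the files themselves, the following added example (not Beagle's own code) scans Apache or nginx configuration text for the two directives named above and reports whether each cipher string carries !EXPORT. The function names and sample configurations are hypothetical; the "soft-excluded" status for -EXPORT goes beyond the page and reflects OpenSSL cipher-list syntax, where "-" removes ciphers but lets a later token re-add them.

```python
import re

# Directive names are the two the page configures: Apache's SSLCipherSuite
# and nginx's ssl_ciphers. Everything else here is hypothetical helper code.
DIRECTIVE = re.compile(r"^\s*(SSLCipherSuite|ssl_ciphers)\s+(.+?)\s*;?\s*$", re.I)

def classify(cipher_string):
    """Classify one OpenSSL-style cipher string by how it treats EXPORT."""
    tokens = [t for t in re.split(r"[:,\s]+", cipher_string.strip("'\"")) if t]
    if "!EXPORT" in tokens:
        return "excluded"        # '!' removes the ciphers permanently
    if "-EXPORT" in tokens:
        return "soft-excluded"   # '-' removes them, but a later token can re-add them
    return "not-excluded"

def audit(config_text):
    """Return (line_number, directive, status) for every cipher directive."""
    findings = []
    for number, raw in enumerate(config_text.splitlines(), start=1):
        match = DIRECTIVE.match(raw.split("#", 1)[0])   # drop trailing comments
        if match:
            findings.append((number, match.group(1), classify(match.group(2))))
    return findings

def export_disabled(config_text):
    """True only if a cipher directive exists and every one carries !EXPORT."""
    findings = audit(config_text)
    return bool(findings) and all(status == "excluded" for _, _, status in findings)

# Constructed sample configurations (not taken from any real server).
APACHE_BEFORE = "SSLEngine on\nSSLCipherSuite HIGH:MEDIUM:!aNULL\n"
APACHE_AFTER = "SSLEngine on\nSSLCipherSuite HIGH:MEDIUM:!aNULL:!EXPORT\n"
NGINX_AFTER = ("server {\n    listen 443 ssl;\n"
               "    ssl_ciphers 'HIGH:!aNULL:!EXPORT';  # hardened\n}\n")
NGINX_SOFT = "ssl_ciphers HIGH:-EXPORT;\n"
NO_DIRECTIVE = "server {\n    listen 443 ssl;\n}\n"

if __name__ == "__main__":
    samples = {"apache-before": APACHE_BEFORE, "apache-after": APACHE_AFTER,
               "nginx-after": NGINX_AFTER, "nginx-soft": NGINX_SOFT,
               "no-directive": NO_DIRECTIVE}
    for name, text in samples.items():
        print(name, audit(text), "OK" if export_disabled(text) else "REVIEW")
```

A file with no cipher directive at all is reported for review, because the server then falls back to defaults that this check cannot see.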