SSL Logjam Vulnerability Checker
Check your SSL/TLS configuration for Logjam vulnerability. Ensure your server uses strong Diffie-Hellman key exchange parameters.
Short Info
Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 20 seconds
Time Interval: 1 month 4 days
Scan only one: Domain, IPv4
Toolbox: -
What is SSL Logjam Vulnerability?
SSL Logjam is a cryptographic vulnerability in SSL/TLS configurations that use weak Diffie-Hellman key exchange parameters. By targeting servers that support 512-bit (export-grade) Diffie-Hellman keys, attackers can perform a man-in-the-middle (MITM) attack to decrypt encrypted communications.
As with FREAK, the vulnerability arises from legacy cryptographic export restrictions, which required weaker encryption for certain configurations. Logjam allows attackers to downgrade the security of a connection, forcing it to use these weak parameters. Once the weak keys are broken, encrypted traffic, including sensitive data like login credentials, can be decrypted.
Mitigation involves disabling support for export-grade Diffie-Hellman ciphers, using strong (2048-bit or higher) key exchange parameters, and ensuring modern SSL/TLS configurations.
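To verify the key-size part of this mitigation, the following added example (not part of this page's scanner) reads the Diffie-Hellman prime out of a TLS ServerKeyExchange handshake message and grades it against the 512-bit and 2048-bit figures above. It assumes TLS 1.2 or earlier with a DHE cipher suite negotiated; the function names are hypothetical and the sample messages are constructed, not captured from a real server.

```python
# Added example: measure the DH prime a TLS server offers (TLS 1.2 and earlier).
# Function names are hypothetical; sample messages are constructed, not captured.

def dh_prime_bits(msg: bytes) -> int:
    """Bit length of dh_p in a DHE ServerKeyExchange handshake message."""
    if len(msg) < 4 or msg[0] != 12:          # handshake type 12 = server_key_exchange
        raise ValueError("not a ServerKeyExchange message")
    declared = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + declared]
    if len(body) != declared:
        raise ValueError("truncated handshake body")
    fields, off = [], 0
    for name in ("dh_p", "dh_g", "dh_Ys"):    # ServerDHParams: 2-byte length + value, three times
        if off + 2 > len(body):
            raise ValueError(f"missing length for {name}")
        n = int.from_bytes(body[off:off + 2], "big")
        off += 2
        if n == 0 or off + n > len(body):
            raise ValueError(f"bad length for {name}")
        fields.append(body[off:off + n])
        off += n
    # Count significant bits, so a zero-padded prime is not over-reported.
    return int.from_bytes(fields[0], "big").bit_length()

def classify(bits: int) -> str:
    """Thresholds from the text: 512-bit is export-grade, 2048-bit or higher is strong."""
    if bits <= 512:
        return "export-grade"
    if bits < 2048:
        return "below-2048"
    return "ok"

def sample_message(bits: int, pad: int = 0) -> bytes:
    """Constructed ServerKeyExchange; dh_p has the right size but is not a real prime."""
    p = b"\x00" * pad + ((1 << (bits - 1)) | 1).to_bytes((bits + 7) // 8, "big")
    g, ys = b"\x02", b"\x05"
    body = b"".join(len(f).to_bytes(2, "big") + f for f in (p, g, ys))
    body += b"\x00" * 4                        # stand-in for the trailing signature
    return b"\x0c" + len(body).to_bytes(3, "big") + body

if __name__ == "__main__":
    for size in (512, 1024, 2048):
        bits = dh_prime_bits(sample_message(size))
        print(size, bits, classify(bits))
```

The parser stops after dh_Ys and ignores the signature that follows; an ECDHE ServerKeyExchange has a different body layout and must not be passed to it.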