CVE-2016-2183

🗓️ 01 Sep 2016 00:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 2035 Views🌐 WEB

CVE-2016-2183: Vulnerability in DES and Triple DES Ciphers

Reporter	Title	Published	Views	Family All 719
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Rational ClearCase (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Connect:Direct FTP+	24 Jul 202022:49	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM JAVA 7 affect IBM UrbanCode Release (CVE-2016-2183)	18 Dec 201913:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Directory Suite.	31 Jul 201804:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affects IBM Rational ClearCase (CVE-2016-2177, CVE-2016-2178, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web software releases are affected by a vulnerability known as the SWEET32 Birthday attack (CVE-2016-2183)	16 Jun 201822:00	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM Application Delivery Intelligence v1.0.1, v1.0.1.1, and v1.0.2. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547,CVE-2016-5548, CVE-2016-5549)	3 Aug 201804:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time	15 Jun 201807:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java SDK affects IMS™ Enterprise Suite: Explorer for Development (CVE-2016-2183, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549).	1 Jun 202213:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Support Assistant Team Server	15 Jun 201807:07	–	ibm

NVD

Node

redhat jboss_enterprise_application_platformMatch6.0.0

redhat jboss_enterprise_web_serverMatch1.0.0

redhat jboss_enterprise_web_serverMatch2.0.0

redhat jboss_web_serverMatch3.0

redhat enterprise_linuxMatch5.0

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

Node

python pythonRange2.7.0–2.7.13

python pythonRange3.4.0–3.4.7

python pythonRange3.5.0–3.5.3

Node

cisco content_security_management_applianceMatch9.6.6-068

cisco content_security_management_applianceMatch9.7.0-006

Node

openssl opensslMatch1.0.1a

openssl opensslMatch1.0.1b

openssl opensslMatch1.0.1c

openssl opensslMatch1.0.1d

openssl opensslMatch1.0.1e

openssl opensslMatch1.0.1f

openssl opensslMatch1.0.1g

openssl opensslMatch1.0.1h

openssl opensslMatch1.0.1i

openssl opensslMatch1.0.1j

openssl opensslMatch1.0.1k

openssl opensslMatch1.0.1l

openssl opensslMatch1.0.1m

openssl opensslMatch1.0.1n

openssl opensslMatch1.0.1o

openssl opensslMatch1.0.1p

openssl opensslMatch1.0.1q

openssl opensslMatch1.0.1r

openssl opensslMatch1.0.1t

openssl opensslMatch1.0.2a

openssl opensslMatch1.0.2b

openssl opensslMatch1.0.2c

openssl opensslMatch1.0.2d

openssl opensslMatch1.0.2e

openssl opensslMatch1.0.2f

openssl opensslMatch1.0.2h

Node

oracle databaseMatch11.2.0.4

oracle databaseMatch12.1.0.2

Node

nodejs node.jsRange0.10.0–0.10.47

nodejs node.jsRange0.12.0–0.12.16

nodejs node.jsRange4.0.0–4.1.2-

nodejs node.jsRange4.2.0–4.6.0lts

nodejs node.jsRange6.0.0–6.7.0-

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html
access	www.access.redhat.com/errata/RHSA-2017:3240
h20566	www.h20566.www2.hpe.com/hpsc/doc/public/display
oracle	www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
securityfocus	www.securityfocus.com/archive/1/539885/100/0/threaded
h20566	www.h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay
splunk	www.splunk.com/view/SP-CAAAPSV
arista	www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
h20566	www.h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay

Parameter	Position	Path	Description	CWE
new_home_page	request body	openadmin/services/welcome/welcomeService.php	Unauthenticated static PHP code injection leading to remote code execution via saveHomePage in welcomeService.php.	CWE-200
act	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
do	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
SERVER	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
HOST	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
PORT	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
IDSPROTOCOL	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
USERNAME	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
PASSWORD	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200
ENVVARS	query param	openadmin/index.php	Remote DLL Injection / arbitrary code execution via login/testconn path and manipulated connection parameters.	CWE-200

17 Jun 2026 00:43Current

6.5Medium risk

Vulners AI Score6.5

CVSS 25

CVSS 3.17.5

EPSS0.95707

SSVC