The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a “Sweet32” attack.

CPENameOperatorVersion
forticacheeq4.1.1
forticacheeq4.0.4
forticacheeq4.0.3
forticacheeq4.0.2
forticacheeq4.0.1
forticacheeq4.0.0
forticacheeq3.1.1
forticacheeq3.1.0
forticacheeq3.0.8
forticacheeq3.0.7

Name	Operator	Version
forticache	eq	4.1.1
forticache	eq	4.0.4
forticache	eq	4.0.3
forticache	eq	4.0.2
forticache	eq	4.0.1
forticache	eq	4.0.0
forticache	eq	3.1.1
forticache	eq	3.1.0
forticache	eq	3.0.8
forticache	eq	3.0.7

Rows per page:

1-10 of 641

ibm 78

nessus 38

symantec 1

openvas 11

f5 4

mageia 1

fedora 3

veracode 3

ubuntucve 2

prion 3

amazon 1

gentoo 1

debiancve 1

osv 3

cve 3

hackerone 7

checkpoint_advisories 1

attackerkb 1

cloudfoundry 1

alpinelinux 1

redhat 11

oraclelinux 3

github 1

threatpost 4

openssl 1

centos 1

exploitpack 1

zdt 1

redhatcve 1

packetstorm 1

ubuntu 3

seebug 1

slackware 1

suse 2

ics 1

exploitdb 1

kitploit 1

ibm

Security Bulletin: OpenSSL and OpenVPN vulnerabilities affect IBM Rational Team Concert (CVE-2016-2183, CVE-2016-6329)

2018-06-17 05:16:31

Security Bulletin: IBM b-type Network/Storage switches are affected by Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) vulnerabilities.

2018-10-01 21:25:01

Security Bulletin: IBM Cisco Switches and Directors vulnerable to Sweet32 Birthday attacks (CVE-2016-2183 CVE-2016-6329).

2022-04-11 15:07:09

nessus

SSL 64-bit Block Size Cipher Suites Supported (SWEET32)

2016-11-01 00:00:00

Fedora 25 : openvpn (2016-81d6e6a9ac) (SWEET32)

2016-11-15 00:00:00

GLSA-201611-02 : OpenVPN: Multiple vulnerabilities (SWEET32)

2016-11-02 00:00:00

symantec

SA133 : Sweet32 Birthday Attack against DES, 3DES, and Blowfish

2016-12-22 08:00:00

openvas

SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

2016-12-22 00:00:00

Fedora Update for openvpn FEDORA-2016-81d6e6a9ac

2016-12-07 00:00:00

Amazon Linux: Security Advisory (ALAS-2016-750)

2016-10-26 00:00:00

K30315990 : OpenVPN vulnerability CVE-2016-6329

2016-09-12 00:00:00

SOL30315990 - OpenVPN vulnerability CVE-2016-6329

2016-09-12 00:00:00

SOL13167034 - OpenSSL vulnerability CVE-2016-2183

2016-10-04 00:00:00

mageia

Updated openvpn packages fix security vulnerability

2016-09-16 12:27:13

fedora

[SECURITY] Fedora 24 Update: openvpn-2.3.12-1.fc24

2016-08-26 10:23:30

[SECURITY] Fedora 25 Update: openvpn-2.3.12-1.fc25

2016-08-29 08:08:47

[SECURITY] Fedora 23 Update: openvpn-2.3.12-1.fc23

2016-09-01 18:55:39

veracode

Sweet32 Attack

2020-09-21 06:32:55

Information Disclosure

2017-01-09 02:06:31

Weak Encryption

2019-01-15 09:15:57

ubuntucve

CVE-2016-6329

2017-01-31 00:00:00

CVE-2016-2183

2016-08-31 00:00:00

prion

Design/Logic Flaw

2017-01-31 22:59:00

Design/Logic Flaw

2016-09-01 00:59:00

Design/Logic Flaw

2023-01-17 21:15:00

amazon

Medium: openvpn

2016-09-27 10:30:00

gentoo

OpenVPN: Multiple vulnerabilities

2016-11-01 00:00:00

debiancve

CVE-2016-6329

2017-01-31 22:59:00

osv

CVE-2016-6329

2017-01-31 22:59:00

CVE-2016-2183

2016-09-01 00:59:00

Kyverno vulnerable due to usage of insecure cipher

2023-05-30 20:07:06

cve

CVE-2016-6329

2017-01-31 22:59:00

CVE-2016-2183

2016-09-01 00:59:00

CVE-2023-0296

2023-01-17 21:15:15

hackerone

Legal Robot: SWEET32 TLS attack

2017-01-18 18:03:52

Yelp: Yelp.com is vulnerable to SWEET32 attack

2017-01-18 17:43:32

Udemy: sweet32

2017-03-31 12:18:22

checkpoint_advisories

Weak SSL 3DES Cipher Suites (CVE-2016-2183)

2016-09-25 00:00:00

attackerkb

CVE-2016-2183

2016-09-01 00:00:00

cloudfoundry

CVE-2016-2183: Birthday attacks against TLS ciphers with 64bit block size | Cloud Foundry

2019-10-24 00:00:00

alpinelinux

CVE-2016-2183

2016-09-01 00:59:00

redhat

(RHSA-2019:2859) Moderate: OpenShift Container Platform 4.1.18 security update

2019-09-27 00:13:12

(RHSA-2019:1245) Moderate: Red Hat Quay 3.0.2 security and bug fix update

2019-05-20 14:11:05

(RHSA-2017:0462) Moderate: java-1.8.0-ibm security update

2017-03-08 11:18:03

oraclelinux

python security update

2018-07-03 00:00:00

python security and bug fix update

2018-11-05 00:00:00

openssl security update

2016-10-13 00:00:00

github

Kyverno vulnerable due to usage of insecure cipher

2023-05-30 20:07:06

threatpost

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption

2016-08-24 08:00:39

OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

2016-09-23 15:47:13

OpenSSL Fixes Critical Bug Introduced by Latest Update

2016-09-26 10:45:04

openssl

Vulnerability in OpenSSL CVE-2016-2183

2016-08-24 00:00:00

centos

python, tkinter security update

2018-07-13 16:28:09

exploitpack

IBM Informix Dynamic Server Informix Open Admin Tool - DLL Injection Remote Code Execution Heap Buffer Overflow

2017-05-30 00:00:00

zdt

IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Hea

2017-05-31 00:00:00

redhatcve

CVE-2023-0296

2023-01-16 14:05:12

packetstorm

IBM Informix Dynamic Server DLL Injection / Code Execution

2017-05-31 00:00:00

ubuntu

NSS vulnerabilities

2017-04-27 00:00:00

NSS vulnerability

2017-07-31 00:00:00

OpenVPN vulnerabilities

2017-06-22 00:00:00

seebug

IBM Informix Dynamic Server Open Admin Tool RCE (CVE-2017-1092)

2017-05-24 00:00:00

slackware

[slackware-security] python

2016-12-28 21:09:54

suse

Security update for openvpn (important)

2017-06-20 12:11:37

Security update for openvpn (important)

2017-10-24 15:07:23

ics

Siemens SIMATIC RF6XXR

2019-07-11 12:00:00

exploitdb

IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Heap Buffer Overflow

2017-05-30 00:00:00

kitploit

CATSploit - An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring

2024-01-08 11:30:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

74.9%

JSON

Related for FG-IR-17-173