hello
have found new attack against 3DES-CBC cipher in TLS,that they can decrypt customer data using a method called SWEET32 Birthday Attack.
This Vulnerability has got CVE-2016-2183 and has cvss score 5.0
in atach you will see a print screen vuln confirmation by nmap script
Mitigation for SWEET32 attack
Prefer minimum 128-bit cipher suites
Limit the length of TLS sessions with a 64-bit cipher, which could be done with TLS renegotiation or closing and starting a new connection
Disable cipher suites using 3DES

ibm 104

hackerone 6

prion 2

nessus 32

cve 2

checkpoint_advisories 1

openvas 7

attackerkb 1

alpinelinux 1

cloudfoundry 1

f5 2

redhat 13

ubuntucve 1

oraclelinux 3

osv 2

veracode 2

github 1

threatpost 4

openssl 1

centos 1

exploitpack 1

fortinet 1

zdt 1

redhatcve 1

packetstorm 1

symantec 1

ubuntu 2

seebug 1

slackware 1

exploitdb 1

ics 1

ibm

Security Bulletin: IBM MessageSight affected by GSKit Sweet32 Birthday attacks (CVE-2016-2183)

2018-06-17 15:36:58

Security Bulletin: A vulnerability in Python affects PowerKVM

2018-09-26 17:55:02

Security Bulletin: A security vulnerability has been identified in GSKit shipped with IBM Spectrum Scale V4 (CVE-2016-2183)

2018-08-01 19:18:54

hackerone

Legal Robot: SWEET32 TLS attack

2017-01-18 18:03:52

UPchieve: Vulnerability Report - sweet32 UPchieve

2021-07-21 07:06:38

Nextcloud: Nextcloud.com is vulnerable to SWEET32 attack

2017-01-18 18:23:36

prion

Design/Logic Flaw

2016-09-01 00:59:00

Design/Logic Flaw

2023-01-17 21:15:00

nessus

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:0719-1)

2017-03-20 00:00:00

SSL Medium Strength Cipher Suites Supported (SWEET32)

2009-11-23 00:00:00

F5 Networks BIG-IP : OpenSSL vulnerability (K13167034)

2017-03-02 00:00:00

cve

CVE-2016-2183

2016-09-01 00:59:00

CVE-2023-0296

2023-01-17 21:15:15

checkpoint_advisories

Weak SSL 3DES Cipher Suites (CVE-2016-2183)

2016-09-25 00:00:00

openvas

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2016-1090)

2020-01-23 00:00:00

CentOS Update for python CESA-2018:2123 centos7

2018-07-14 00:00:00

HPE Comware Network Products Remote Information Disclosure Vulnerability

2016-12-09 00:00:00

attackerkb

CVE-2016-2183

2016-09-01 00:00:00

alpinelinux

CVE-2016-2183

2016-09-01 00:59:00

cloudfoundry

CVE-2016-2183: Birthday attacks against TLS ciphers with 64bit block size | Cloud Foundry

2019-10-24 00:00:00

SOL13167034 - OpenSSL vulnerability CVE-2016-2183

2016-10-04 00:00:00

K13167034 : OpenSSL vulnerability CVE-2016-2183

2016-10-04 00:00:00

redhat

(RHSA-2020:3842) Moderate: OpenShift Container Platform 4.5.13 openshift-enterprise-console-container security update

2020-09-30 23:59:28

(RHSA-2017:0462) Moderate: java-1.8.0-ibm security update

2017-03-08 11:18:03

(RHSA-2019:2859) Moderate: OpenShift Container Platform 4.1.18 security update

2019-09-27 00:13:12

ubuntucve

CVE-2016-2183

2016-08-31 00:00:00

oraclelinux

python security update

2018-07-03 00:00:00

python security and bug fix update

2018-11-05 00:00:00

openssl security update

2016-10-13 00:00:00

osv

CVE-2016-2183

2016-09-01 00:59:00

Kyverno vulnerable due to usage of insecure cipher

2023-05-30 20:07:06

veracode

Information Disclosure

2017-01-09 02:06:31

Weak Encryption

2019-01-15 09:15:57

github

Kyverno vulnerable due to usage of insecure cipher

2023-05-30 20:07:06

threatpost

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption

2016-08-24 08:00:39

OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

2016-09-23 15:47:13

OpenSSL Fixes Critical Bug Introduced by Latest Update

2016-09-26 10:45:04

openssl

Vulnerability in OpenSSL CVE-2016-2183

2016-08-24 00:00:00

centos

python, tkinter security update

2018-07-13 16:28:09

exploitpack

IBM Informix Dynamic Server Informix Open Admin Tool - DLL Injection Remote Code Execution Heap Buffer Overflow

2017-05-30 00:00:00

fortinet

Protect

2019-02-07 00:00:00

zdt

IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Hea

2017-05-31 00:00:00

redhatcve

CVE-2023-0296

2023-01-16 14:05:12

packetstorm

IBM Informix Dynamic Server DLL Injection / Code Execution

2017-05-31 00:00:00

symantec

SA133 : Sweet32 Birthday Attack against DES, 3DES, and Blowfish

2016-12-22 08:00:00

ubuntu

NSS vulnerabilities

2017-04-27 00:00:00

NSS vulnerability

2017-07-31 00:00:00

seebug

IBM Informix Dynamic Server Open Admin Tool RCE (CVE-2017-1092)

2017-05-24 00:00:00

slackware

[slackware-security] python

2016-12-28 21:09:54

exploitdb

IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Heap Buffer Overflow

2017-05-30 00:00:00

ics

Mitsubishi Electric Air Conditioning Systems

2022-06-20 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

71.1%

JSON

Related for H1:217431