SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

🗓️ 27 Sep 2016 13:46:00Reported by RedHatType

DES and Triple DES in Transport Layer Security enable the SWEET32 birthday attack, allowing a man in the middle to recover plaintext from large traffic.

Reporter	Title	Published	Views	Family All 724
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Rational ClearCase (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Connect:Direct FTP+	24 Jul 202022:49	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM JAVA 7 affect IBM UrbanCode Release (CVE-2016-2183)	18 Dec 201913:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Directory Suite.	31 Jul 201804:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affects IBM Rational ClearCase (CVE-2016-2177, CVE-2016-2178, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web software releases are affected by a vulnerability known as the SWEET32 Birthday attack (CVE-2016-2183)	16 Jun 201822:00	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM Application Delivery Intelligence v1.0.1, v1.0.1.1, and v1.0.2. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547,CVE-2016-5548, CVE-2016-5549)	3 Aug 201804:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time	15 Jun 201807:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM Java SDK affects IMS™ Enterprise Suite: Explorer for Development (CVE-2016-2183, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549).	1 Jun 202213:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Support Assistant Team Server	15 Jun 201807:07	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6	ppc	openssl	0:1.0.1e-48.el6_8.3	openssl-0:1.0.1e-48.el6_8.3.ppc.rpm
Red Hat Enterprise Linux	6	ppc64	openssl	0:1.0.1e-48.el6_8.3	openssl-0:1.0.1e-48.el6_8.3.ppc64.rpm
Red Hat Enterprise Linux	6	s390	openssl	0:1.0.1e-48.el6_8.3	openssl-0:1.0.1e-48.el6_8.3.s390.rpm
Red Hat Enterprise Linux	6	s390x	openssl	0:1.0.1e-48.el6_8.3	openssl-0:1.0.1e-48.el6_8.3.s390x.rpm
Red Hat Enterprise Linux	6	x86_64	openssl	0:1.0.1e-48.el6_8.3	openssl-0:1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux	6	any	openssl	0:1.0.1e-48.el6_8.3.i686	openssl-0:1.0.1e-48.el6_8.3.i686.noarch.rpm
Red Hat Enterprise Linux	7	ppc64	openssl	1:1.0.1e-51.el7_2.7	openssl-1:1.0.1e-51.el7_2.7.ppc64.rpm
Red Hat Enterprise Linux	7	ppc64le	openssl	1:1.0.1e-51.el7_2.7	openssl-1:1.0.1e-51.el7_2.7.ppc64le.rpm
Red Hat Enterprise Linux	7	s390x	openssl	1:1.0.1e-51.el7_2.7	openssl-1:1.0.1e-51.el7_2.7.s390x.rpm
Red Hat Enterprise Linux	7	x86_64	openssl	1:1.0.1e-51.el7_2.7	openssl-1:1.0.1e-51.el7_2.7.x86_64.rpm

Source	Link
access	www.access.redhat.com/articles/2548661
access	www.access.redhat.com/errata/RHSA-2016:1940
access	www.access.redhat.com/security/cve/CVE-2016-2183
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-2183
sweet32	www.sweet32.info/
cve	www.cve.org/CVERecord

03 Jun 2026 17:12Current

6.8Medium risk

Vulners AI Score6.8

CVSS 25

CVSS 3.17.5

EPSS0.40993

SSVC

CWE-327