anonymous175's assessment of CVE-2016-2183 | AttackerKB

Vulnerable in default configuration

Description

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a “Sweet32” attack.

Add Assessment

1

anonymous175 (2)

November 16, 2023 5:29pm UTC (1 week ago)

Ratings

Attacker Value

High

Exploitability

Medium

Vulnerable in default configuration

Log in to Add Reply

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.5 High

Impact Score:

3.6

Exploitability Score:

3.9

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

None

Availability (A):

None

Vendors

cisco,
nodejs,
openssl,
oracle,
python,
redhat

Products

Exploited in the Wild

Reported by:

Slenthonk indicated source as Personally observed in an environment (https://prakerja.go.id)

Reported: June 10, 2022 7:21pm UTC (1 year ago)

References

Canonical

CVE-2016-2183 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183)

BID-92630 (http://www.securityfocus.com/bid/92630)

BID-95568 (http://www.securityfocus.com/bid/95568)

Advisory

https://access.redhat.com/errata/RHSA-2017:3113

http://rhn.redhat.com/errata/RHSA-2017-0338.html

GLSA-201612-16 (https://security.gentoo.org/glsa/201612-16)

https://access.redhat.com/errata/RHSA-2017:3240

https://access.redhat.com/errata/RHSA-2017:2709

https://access.redhat.com/errata/RHSA-2017:3239

GLSA-201701-65 (https://security.gentoo.org/glsa/201701-65)

SECTRACK-1036696 (http://www.securitytracker.com/id/1036696)

GLSA-201707-01 (https://security.gentoo.org/glsa/201707-01)

https://access.redhat.com/errata/RHSA-2017:3114

https://access.redhat.com/errata/RHSA-2017:1216

https://access.redhat.com/errata/RHSA-2017:2710

[tls] 20091120 RC4+3DES rekeying - long-lived TLS connections (https://www.ietf.org/mail-archive/web/tls/current/msg04560.html)

https://access.redhat.com/errata/RHSA-2018:2123

http://rhn.redhat.com/errata/RHSA-2017-0337.html

https://access.redhat.com/errata/RHSA-2017:2708

http://rhn.redhat.com/errata/RHSA-2017-0336.html

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html

http://rhn.redhat.com/errata/RHSA-2017-0462.html

https://access.redhat.com/errata/RHSA-2019:1245

https://access.redhat.com/errata/RHSA-2019:2859

https://access.redhat.com/errata/RHSA-2020:0451

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

https://www.tenable.com/security/tns-2016-20

http://www.splunk.com/view/SP-CAAAPUE

https://bugzilla.redhat.com/show_bug.cgi?id=1369383

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

https://access.redhat.com/articles/2548661

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312

http://www.splunk.com/view/SP-CAAAPSV

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415

http://www-01.ibm.com/support/docview.wss?uid=swg21995039

https://nodejs.org/en/blog/vulnerability/september-2016-security-releases

https://www.tenable.com/security/tns-2016-16

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499

https://www.tenable.com/security/tns-2016-21

https://kc.mcafee.com/corporate/index?page=content&id=SB10171

http://www-01.ibm.com/support/docview.wss?uid=swg21991482

https://www.openssl.org/blog/blog/2016/08/24/sweet32

https://access.redhat.com/security/cve/cve-2016-2183

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

https://security.netapp.com/advisory/ntap-20160915-0001

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us

https://bto.bluecoat.com/security-advisory/sa133

https://www.tenable.com/security/tns-2017-09

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116

https://security.netapp.com/advisory/ntap-20170119-0001

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984

https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008

http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448

https://kc.mcafee.com/corporate/index?page=content&id=SB10310

https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/

https://www.openssl.org/blog/blog/2016/08/24/sweet32/

https://security.netapp.com/advisory/ntap-20160915-0001/

https://security.netapp.com/advisory/ntap-20170119-0001/

EXPLOIT-DB-42091 (https://www.exploit-db.com/exploits/42091/)

https://wiki.opendaylight.org/view/Security_Advisories

https://kc.mcafee.com/corporate/index?page=content&id=SB10215

SUSE-SU-2017:2700 (http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html)

20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities (http://www.securityfocus.com/archive/1/540341/100/0/threaded)

USN-3087-1 (http://www.ubuntu.com/usn/USN-3087-1)

SUSE-SU-2016:2469 (http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html)

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680

openSUSE-SU-2016:2537 (http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html)

20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information (http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded)

USN-3087-2 (http://www.ubuntu.com/usn/USN-3087-2)

20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information (http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded)

https://kc.mcafee.com/corporate/index?page=content&id=SB10197

https://kc.mcafee.com/corporate/index?page=content&id=SB10186

SUSE-SU-2017:2699 (http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html)

20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information (http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded)

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849

openSUSE-SU-2016:2407 (http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html)

https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613

20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities (http://seclists.org/fulldisclosure/2017/Jul/31)

USN-3194-1 (http://www.ubuntu.com/usn/USN-3194-1)

SUSE-SU-2016:2458 (http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html)

20181113 [security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information (https://seclists.org/bugtraq/2018/Nov/21)

https://support.f5.com/csp/article/K13167034

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722

20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information (http://www.securityfocus.com/archive/1/542005/100/0/threaded)

DSA-3673 (http://www.debian.org/security/2016/dsa-3673)

openSUSE-SU-2016:2391 (http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html)

USN-3372-1 (http://www.ubuntu.com/usn/USN-3372-1)

openSUSE-SU-2018:0458 (http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html)

SUSE-SU-2017:0460 (http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html)

SUSE-SU-2017:0490 (http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html)

USN-3270-1 (http://www.ubuntu.com/usn/USN-3270-1)

20170214 [security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information (http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded)

https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178

SUSE-SU-2016:2387 (http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html)

20170529 SSD Advisory - IBM Informix Dynamic Server and Informix Open Admin Tool Multiple Vulnerabilities (http://seclists.org/fulldisclosure/2017/May/105)

openSUSE-SU-2017:0513 (http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html)

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448

20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information (http://www.securityfocus.com/archive/1/539885/100/0/threaded)

openSUSE-SU-2017:0374 (http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html)

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415

SUSE-SU-2016:2468 (http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html)

SUSE-SU-2017:0346 (http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html)

openSUSE-SU-2016:2496 (http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html)

USN-3198-1 (http://www.ubuntu.com/usn/USN-3198-1)

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403

20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information (http://www.securityfocus.com/archive/1/541104/100/0/threaded)

SUSE-SU-2017:1444 (http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html)

SUSE-SU-2016:2394 (http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html)

20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities (http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded)

USN-3179-1 (http://www.ubuntu.com/usn/USN-3179-1)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en

Miscellaneous

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://sweet32.info

https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls

https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue

https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633

https://www.sigsac.org/ccs/CCS2016/accepted-papers

https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish

https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack

https://sweet32.info/

https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/

https://www.sigsac.org/ccs/CCS2016/accepted-papers/

https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/

https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/security-alerts/cpuoct2021.html

http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html

https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

https://access.redhat.com/errata/RHBA-2019:2581

https://access.redhat.com/errata/RHSA-2016:1940

https://access.redhat.com/errata/RHSA-2017:0336

https://access.redhat.com/errata/RHSA-2017:0337

https://access.redhat.com/errata/RHSA-2017:0338

https://access.redhat.com/errata/RHSA-2017:0462

https://access.redhat.com/errata/RHSA-2020:3842

https://access.redhat.com/errata/RHSA-2021:0308

https://access.redhat.com/errata/RHSA-2021:2438

https://access.redhat.com/security/cve/CVE-2016-2183

Rapid7

Technical Analysis