Zurück
-
Titel
CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) -
Beschreibung
The TPAM appliance, DPAs, and Cache Server appear to be using 3DES ciphers - is it possible to remove them? -
Lösung
TPAM appliances (2.5.904 - 2.5.917)
The 3DES cipher exists. A hotfix has been made available here that will disable support of the 3DES ciphers for TLS connections on the TPAM console appliances.
DPA and CacheServersThe 3DES cipher exists. The SWEET32 vulnerability indicates that it can only be exploited during very long-lived HTTPS sessions that send a large number of requests in the same TLS connection. Requests made to a DPA or Cache appliances do not meet this criterion for the vulnerability to be exploited. Therefore, a hotfix is not required and the vulnerability scanner is reporting a false positive. -
Änderungsanforderung
BFER 8784, BFER 8918