CVE-2016-2183

{"id": "CVE-2016-2183", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-09-01T00:59:00.137", "references": [{"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2017/Jul/31", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2017/May/105", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2016/dsa-3673", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/92630", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/95568", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1036696", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.splunk.com/view/SP-CAAAPSV", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.splunk.com/view/SP-CAAAPUE", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3087-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3087-2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3179-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3194-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3198-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3270-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-3372-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/articles/2548661", "tags": ["Mitigation", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:1216", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2708", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2709", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2710", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3113", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3114", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3239", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3240", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2123", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1245", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2859", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2020:0451", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/cve-2016-2183", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/", "tags": ["Press/Media Coverage", "Technical Description", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bto.bluecoat.com/security-advisory/sa133", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "source": "secalert@redhat.com"}, {"url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secalert@redhat.com"}, {"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10171", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10186", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10197", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10215", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/", "tags": ["Press/Media Coverage", "Technical Description", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://seclists.org/bugtraq/2018/Nov/21", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201612-16", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201701-65", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201707-01", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20160915-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20170119-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.f5.com/csp/article/K13167034", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://sweet32.info/", "tags": ["Technical Description", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://wiki.opendaylight.org/view/Security_Advisories", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.exploit-db.com/exploits/42091/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/", "tags": ["Press/Media Coverage", "Technical Description", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/", "tags": ["Mitigation", "Press/Media Coverage", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.tenable.com/security/tns-2016-16", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.tenable.com/security/tns-2016-20", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.tenable.com/security/tns-2016-21", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.tenable.com/security/tns-2017-09", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack."}, {"lang": "es", "value": "Los cifrados DES y Triple DES, como se usan en los protocolos TLS, SSH e IPSec y otros protocolos y productos, tienen una cota de cumplea\u00f1os de aproximadamente cuatro mil millones de bloques, lo que facilita a atacantes remotos obtener datos de texto plano a trav\u00e9s de un ataque de cumplea\u00f1os contra una sesi\u00f3n cifrada de larga duraci\u00f3n, seg\u00fan lo demostrado por una sesi\u00f3n HTTPS usando Triple DES en modo CBC, tambi\u00e9n conocido como un ataque \"Sweet32\"."}], "lastModified": "2023-02-12T23:17:38.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14259BF1-3601-4BF1-A591-FC4DE1639C57"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "681173DF-537E-4A64-8FC7-75F439CCAD0D"}, {"criteria": "cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54EB07A0-FB38-4F17-9C8D-DB629967F07B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23F7B6BD-821B-4355-8C81-CEA6079B9A85", "versionEndExcluding": "2.7.13", "versionStartIncluding": "2.7.0"}, {"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E65C03FE-52E0-477A-A104-8F2CC0EEE753", "versionEndExcluding": "3.4.7", "versionStartIncluding": "3.4.0"}, {"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35B35EBF-9EA0-4BB4-B868-600D2BAA9790", "versionEndExcluding": "3.5.3", "versionStartIncluding": "3.5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:content_security_management_appliance:9.6.6-068:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FA04185-D9B6-4ED0-9D23-7642BF0228F0"}, {"criteria": "cpe:2.3:a:cisco:content_security_management_appliance:9.7.0-006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A61A1AF3-CE0F-4744-A11A-57DE1ABC7CC6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F0C6812-F455-49CF-B29B-9AC00306DA43"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3703E445-17C0-4C85-A496-A35641C0C8DB"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABEC1927-F469-4B9E-B544-DA6CF90F0B34"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE2188F9-FAF8-4A0C-BB49-E95BDBC119BF"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9EC827B-5313-47D7-BF49-CFF033CF3D53"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A438E65F-33B1-46BC-AD93-200DCC6B43D4"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BFDCF78-62C1-429E-A43C-0C9FEC14837D"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A0B4DEF-C6E8-4243-9893-6E650013600C"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28CD4F7-522F-4ECA-9035-228596CDE769"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AF4953B-BB23-4C80-8C48-9E94EB234AAE"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60F946FD-F564-49DA-B043-5943308BA9EE"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B89180B-FB68-4DD8-B076-16E51CC7FB91"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C986592-4086-4A39-9767-EF34DBAA6A53"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B23181C-03DB-4E92-B3F6-6B585B5231B4"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94D9EC1C-4843-4026-9B05-E060E9391734"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036FB24F-7D86-4730-8BC9-722875BEC807"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5100F5C8-D5F8-466B-AABE-E42B3770B39D"}, {"criteria": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F3C58EE-B36B-4081-A307-0FE9B52D8E62"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BACF673F-7ADA-4D70-9BA9-2F5252E3467A", "versionEndExcluding": "0.10.47", "versionStartIncluding": "0.10.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF8D1AA1-18BE-4134-883E-97CE3E729CBB", "versionEndExcluding": "0.12.16", "versionStartIncluding": "0.12.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "8B5C9903-298B-4084-A505-E60A00A63558", "versionEndExcluding": "4.1.2", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "303F780C-C971-4216-86D6-5026AAD56279", "versionEndExcluding": "4.6.0", "versionStartIncluding": "4.2.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "8291D42E-9E50-414D-9752-D70906D512B2", "versionEndExcluding": "6.7.0", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}