QID 378985

Date Published: 2023-11-27

QID 378985: Birthday attacks against Transport Layer Security (TLS) ciphers with 64bit block size Vulnerability (Sweet32)

Legacy block ciphers with a 64-bit block size are vulnerable to a practical collision attack when used in CBC mode. All versions of the SSL/TLS protocol that support cipher suites using DES, 3DES, IDEA or RC2 as the symmetric encryption cipher are affected.
QID Detection Logic (Authenticated):
This QID checks that DES/3DES cipher suites are not present in the cipher suite order when it is set via GPO. If the change was made through SCHANNEL settings, the SCHANNEL registry is checked for DES 56/56 and 3DES 164 being enabled.
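As an added audit example (not Qualys detection code), the following PowerShell reproduces the two checks described above on a Windows host: the per-cipher SCHANNEL switches and the GPO cipher suite order, plus the effective suite list from Get-TlsCipherSuite where that cmdlet exists. It assumes the standard SCHANNEL key names `DES 56/56` and `Triple DES 168` and the policy path `...\Cryptography\Configuration\SSL\00010002` with its `Functions` value.

```powershell
# Added audit helper, not part of the QID. Assumes the standard SCHANNEL
# cipher key names and the SSL cipher-suite-order policy key named below.
function Test-Sweet32Exposure {
    $findings = @()

    # 1. SCHANNEL per-cipher switches. Enabled = 0 disables the cipher;
    #    any non-zero value (0xffffffff reads back as -1) enables it.
    #    A missing key or value means the OS default applies (not flagged here).
    $cipherRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers'
    foreach ($name in 'DES 56/56', 'Triple DES 168') {
        $key = Join-Path $cipherRoot $name
        if (Test-Path $key) {
            $enabled = (Get-ItemProperty -Path $key -Name Enabled -ErrorAction SilentlyContinue).Enabled
            if ($null -ne $enabled -and $enabled -ne 0) {
                $findings += "SCHANNEL cipher '$name' explicitly enabled (Enabled=$enabled)"
            }
        }
    }

    # 2. Cipher suite order pushed by GPO. The policy stores a comma-separated
    #    REG_SZ in 'Functions'; a local override may be REG_MULTI_SZ, so accept both.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'
    $order = (Get-ItemProperty -Path $policyKey -Name Functions -ErrorAction SilentlyContinue).Functions
    if ($order) {
        $suites = if ($order -is [string]) { $order -split ',' } else { $order }
        foreach ($suite in $suites | Where-Object { $_ -match '3DES|_DES_' }) {
            $findings += "GPO cipher suite order includes $($suite.Trim())"
        }
    }

    # 3. Effective list as the OS reports it (Windows 10 / Server 2016 and later).
    if (Get-Command Get-TlsCipherSuite -ErrorAction SilentlyContinue) {
        foreach ($s in Get-TlsCipherSuite | Where-Object { $_.Name -match '3DES|_DES_' }) {
            $findings += "Active cipher suite: $($s.Name)"
        }
    }

    return $findings
}

$result = Test-Sweet32Exposure
if ($result) { $result | ForEach-Object { Write-Output "FINDING: $_" } }
else { Write-Output 'No 64-bit block cipher (DES/3DES) exposure found' }
```

Run in an elevated session; an empty result means neither the SCHANNEL switches nor the suite order expose a 64-bit block cipher, which is the state the Solution below asks for.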

Remote attackers can obtain cleartext data via a birthday attack against a long-duration encrypted session.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 5 severity.
  • Solution
    Disable and stop using DES, 3DES, IDEA or RC2 ciphers.
    More information can be found at Sweet32, the Microsoft Windows TLS changes documentation and the Microsoft Transport Layer Security (TLS) registry settings page.