Vulnerability in TLS Implementations and Triple DES by Multiple Vendors
CVE-2016-2183

7.5HIGH

Key Information:

Vendor

Redhat
Status
Enterprise Linux
Jboss Enterprise Application Platform
Jboss Enterprise Web Server
Jboss Web Server
Vendor
CVE Published:
1 September 2016

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 40%

What is CVE-2016-2183?

The vulnerability occurs due to the use of the DES and Triple DES ciphers within TLS, SSH, and IPSec protocols. These ciphers are subject to a birthday attack, which can potentially allow attackers to extract plaintext data from long-lived encrypted sessions. The risk is particularly evident during HTTPS connections employing Triple DES in CBC mode, commonly known as the 'Sweet32' attack. This vulnerability emphasizes the need for transitioning to more secure encryption standards in order to protect sensitive data.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2016-2183 - Proof of Concept

Simple-Sweet32
Created by ZakyHermawan

References

https://access.redhat.com/errata/RHSA-2017:3113
vendor-advisory
http://rhn.redhat.com/errata/RHSA-2017-0338.html
vendor-advisory
https://www.tenable.com/security/tns-2016-20

EPSS Score

40% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2016-2183 : Vulnerability in TLS Implementations and Triple DES by Multiple Vendors