SSL Medium Strength Cipher Suites Supported (SWEET32)-CVE-2016-2183

コンテンツ

Skip to main content

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Learn

    • Documentation
      In-depth articles on Microsoft developer tools and technologies
    • Training
      Personalized learning paths and courses
    • Credentials
      Globally recognized, industry-endorsed credentials
    • Q&A
      Technical questions and answers moderated by Microsoft
    • Code Samples
      Code sample library for Microsoft developer tools and technologies
    • Assessments
      Interactive, curated guidance and recommendations
    • Shows
      Thousands of hours of original programming from Microsoft experts
      Featured assessment
      It's your AI learning journey
      Wherever you are in your AI journey, Microsoft Learn meets you where you are and helps you deepen your skills.
  • Featured assessment
    It's your AI learning journey
    Wherever you are in your AI journey, Microsoft Learn meets you where you are and helps you deepen your skills.
  • Featured assessment
    It's your AI learning journey
    Wherever you are in your AI journey, Microsoft Learn meets you where you are and helps you deepen your skills.
  • Featured assessment
    It's your AI learning journey
    Wherever you are in your AI journey, Microsoft Learn meets you where you are and helps you deepen your skills.

Sign in

SSL Medium Strength Cipher Suites Supported (SWEET32)-CVE-2016-2183

  • Article
  • 07/18/2020

In this article

Question

Saturday, July 18, 2020 8:14 AM

Hi,

** Does anyone aware of the Vulnerability CVE-2016-2183 SSL Medium Strength Cipher Suites Supported (SWEET32).**

I got this solution from vulnerability team , but don't know how to apply fix for the same.

Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

Name Code KEX Auth Encryption MAC

DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1

The fields above are :

{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetr

All replies (1)

Monday, July 20, 2020 7:36 AM

Hello,

Thank you for posting in our TechNet forum.

We are not sure whether something here would be helpful. We could kindly have a check. Thanks.

Solve SWEET32 Birthday Attack and TLS 1.0 Vulnerabilities PCI-Compliance
https://gallery.technet.microsoft.com/scriptcenter/Solve-SWEET32-Birthday-d2df9cf1

For any question, please feel free to contact us.

Best regards,
Hannah Xiong

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].

Additional resources

In this article

リンク
https://learn.microsoft.com/en-us/archive/msdn-technet-forums/31b3ba6f-d0e6-417a-b6f1-d0103f054f8d
要約する
The article discusses the SSL Medium Strength Cipher Suites Supported (SWEET32) vulnerability, specifically CVE-2016-2183, which involves medium strength ciphers like 3DES. A user seeks help on applying a fix for this vulnerability. A response suggests a script to address the SWEET32 Birthday Attack and TLS 1.0 vulnerabilities for PCI compliance. The article provides links for further resources and assistance on the topic.