CVE-2016-2183

high

Cisco

CVSS v3 Base Score

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

37.8%

Exploitation probability in 30 days

Top 3% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Confidentiality

High

Integrity

None

Availability

None

Published: September 1, 2016 (3542 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.

CWE

CWE-200

Affected Products

redhat jboss enterprise application platformredhat jboss enterprise web serverredhat jboss web serverredhat enterprise linuxpython pythoncisco content security management applianceopenssl openssloracle databasenodejs node.js

References

🔗 kb.juniper.net 🔗 lists.opensuse.org 🔗 lists.opensuse.org 🔗 lists.opensuse.org 🔗 lists.opensuse.org

CVE-2016-2183

Vulnerability Report

Description

CWE

Affected Products

References