JVN/CVE Demo: Nvdinfos

NVD

Id: 18453
Name: CVE-2016-2183
Description: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
Reject
CVSS Version: 2
CVSS Score: 5
Severity: Medium
CVSS Base Score: 5
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 10
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Pub Date: 2017-02-15
Published: 2016-08-31
Modified Date: 2017-02-10
Seq: 2016-2183

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
102569	18453	CVE-2016-2183	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759	View
102570	18453	CVE-2016-2183	SUSE-SU-2016:2470	View
102571	18453	CVE-2016-2183	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	View
102572	18453	CVE-2016-2183	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	View
102573	18453	CVE-2016-2183	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	View
102574	18453	CVE-2016-2183	92630	View
102575	18453	CVE-2016-2183	95568	View
102576	18453	CVE-2016-2183	http://www.splunk.com/view/SP-CAAAPSV	View
102577	18453	CVE-2016-2183	http://www.splunk.com/view/SP-CAAAPUE	View
102578	18453	CVE-2016-2183	https://access.redhat.com/articles/2548661	View
102579	18453	CVE-2016-2183	https://access.redhat.com/security/cve/cve-2016-2183	View
102580	18453	CVE-2016-2183	https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/	View
102581	18453	CVE-2016-2183	https://bto.bluecoat.com/security-advisory/sa133	View
102582	18453	CVE-2016-2183	https://bugzilla.redhat.com/show_bug.cgi?id=1369383	View
102583	18453	CVE-2016-2183	https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633	View
102584	18453	CVE-2016-2183	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448	View
102585	18453	CVE-2016-2183	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984	View
102586	18453	CVE-2016-2183	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116	View
102587	18453	CVE-2016-2183	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499	View
102588	18453	CVE-2016-2183	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388	View
102589	18453	CVE-2016-2183	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403	View
102590	18453	CVE-2016-2183	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312	View
102591	18453	CVE-2016-2183	https://kc.mcafee.com/corporate/index?page=content&id=SB10171	View
102592	18453	CVE-2016-2183	https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/	View
102593	18453	CVE-2016-2183	https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/	View
102594	18453	CVE-2016-2183	GLSA-201612-16	View
102595	18453	CVE-2016-2183	https://sweet32.info/	View
102596	18453	CVE-2016-2183	[tls] 20091120 RC4+3DES rekeying - long-lived TLS connections	View
102597	18453	CVE-2016-2183	https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/	View
102598	18453	CVE-2016-2183	https://www.openssl.org/blog/blog/2016/08/24/sweet32/	View
102599	18453	CVE-2016-2183	https://www.sigsac.org/ccs/CCS2016/accepted-papers/	View
102600	18453	CVE-2016-2183	https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
3738	JVNDB-2016-004511	TLS プロトコルなどの製品で使用される DES および Triple DES 暗号における平文のデータを取得される脆弱性	TLS、SSH、IPSec およびその他プロトコルの製品で使用される DES および Triple DES 暗号は、約 40 億ブロックの birthday bound を持っているため、平文のデータを取得される脆弱性が存在します。	CVE-2016-2183	88689	CVE-2016-2183	18453	5	5.3	http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004511.html	2016-08-24	2016-11-17	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.31 MB
View render complete	20.47 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.61
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	301.83
Event: Controller.beforeRender	5.30
» Processing toolbar data	5.20
Rendering View	758.57
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	733.24
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	15.65
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	4.59
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/18453
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/18453
Remote Port	9798
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.145.0.77
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=ef334niujg2tr2h85unraeu0c5
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.145.0.77
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.145.0.77
Unique Id	aC0NLI4_K-fA-jKFyy4newAAATg
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.145.0.77
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.145.0.77
Redirect Unique Id	aC0NLI4_K-fA-jKFyy4newAAATg
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.145.0.77
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.145.0.77
Redirect Redirect Unique Id	aC0NLI4_K-fA-jKFyy4newAAATg
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747782956.3123
Request Time	1747782956

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files