- Bug
- Resolution: Unresolved
- Undefined
- None
- rhos-18.0.14 FR 4
- None
To Reproduce
Steps to reproduce the behavior:
My customer carried out a scan of the EDPM compute nodes (RHEL 9.4) using the Tenable tool. He found the following CVE:
CVE: CVE-2016-2183
Severity: High
Plugin: 42873
Plugin Name: SSL Medium Strength Cipher Suites Supported (SWEET32)
Family: General
Protocol: TCP
Port: applicable on the 9100, 9105 and 9882 ports
Plugin Output:
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name                    Code        KEX    Auth   Encryption      MAC
----------------------  ----------  -----  -----  --------------  ----
ECDHE-RSA-DES-CBC3-SHA  0xC0, 0x12  ECDHE  RSA    3DES-CBC(168)   SHA1
DES-CBC3-SHA            0x00, 0x0A  RSA    RSA    3DES-CBC(168)   SHA1
The fields above are:
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
Synopsis: The remote service supports the use of medium strength SSL ciphers.
Description:
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths of at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.
Steps to Remediate:
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
CVSS V3 Base Score: 7.5
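Added example, not from this bug report and not code from Red Hat, Tenable or whatever listens on 9100, 9105 and 9882 (the report does not name those services). It shows the two halves of the remediation in Go: a TLS listener with an explicit cipher suite allow-list that leaves out 3DES (what "reconfigure the affected application" amounts to when the listener is your own code), and a probe that does what the scanner does, offering only the two suites from the plugin output (DES-CBC3-SHA = 0x00,0x0A and ECDHE-RSA-DES-CBC3-SHA = 0xC0,0x12, which Go names TLS_RSA_WITH_3DES_EDE_CBC_SHA and TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA) and reporting whether the handshake completes. The self-signed certificate, the loopback address and the hardenedSuites list are constructed for the demonstration and are assumptions, not the node's real configuration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Allow-list for a hardened listener (constructed for this example): ECDHE key
// exchange and AEAD ciphers only, so neither 3DES nor plain-RSA key exchange
// can be negotiated.
var hardenedSuites = []uint16{
	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
}

// The two suites the Tenable plugin flagged, in Go's naming.
var sweet32Suites = []uint16{
	tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,       // DES-CBC3-SHA, 0x00,0x0A
	tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, // ECDHE-RSA-DES-CBC3-SHA, 0xC0,0x12
}

// selfSignedRSACert builds a throwaway RSA certificate so the example runs
// offline; both flagged suites are RSA-authenticated, so the key must be RSA.
func selfSignedRSACert() (tls.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example-exporter"}, // constructed name
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// startServer listens on a random loopback port restricted to the given suites
// and serves handshakes in the background. It returns the address and a stop func.
func startServer(suites []uint16) (string, func(), error) {
	cert, err := selfSignedRSACert()
	if err != nil {
		return "", nil, err
	}
	cfg := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS12,
		CipherSuites: suites, // explicit allow-list: this line is the remediation
	}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", cfg)
	if err != nil {
		return "", nil, err
	}
	go func() {
		for {
			c, err := ln.Accept()
			if err != nil {
				return // listener closed
			}
			go func(c net.Conn) {
				defer c.Close()
				_ = c.SetDeadline(time.Now().Add(5 * time.Second))
				_ = c.(*tls.Conn).Handshake() // a refused suite ends here with an alert
			}(c)
		}
	}()
	return ln.Addr().String(), func() { _ = ln.Close() }, nil
}

// negotiatedSuite offers only the given suites over TLS 1.2 (the last version
// that carries 3DES) and returns the suite id the server accepted, or 0 when
// the server refused the handshake. A dial failure is returned as an error,
// since an unreachable port says nothing about its ciphers.
func negotiatedSuite(addr string, suites []uint16) (uint16, error) {
	cfg := &tls.Config{
		InsecureSkipVerify: true, // self-signed test cert; only the cipher matters here
		MinVersion:         tls.VersionTLS12,
		MaxVersion:         tls.VersionTLS12,
		CipherSuites:       suites,
	}
	conn, err := tls.DialWithDialer(&net.Dialer{Timeout: 5 * time.Second}, "tcp", addr, cfg)
	if err != nil {
		var op *net.OpError
		if errors.As(err, &op) && op.Op == "dial" {
			return 0, err
		}
		return 0, nil // handshake refused: the offered suites are not accepted
	}
	defer conn.Close()
	return conn.ConnectionState().CipherSuite, nil
}

func main() {
	addr, stop, err := startServer(hardenedSuites)
	if err != nil {
		panic(err)
	}
	defer stop()
	for label, suites := range map[string][]uint16{"3DES (SWEET32)": sweet32Suites, "AEAD only": hardenedSuites} {
		id, err := negotiatedSuite(addr, suites)
		switch {
		case err != nil:
			fmt.Printf("%-15s probe error: %v\n", label, err)
		case id == 0:
			fmt.Printf("%-15s refused by server\n", label)
		default:
			fmt.Printf("%-15s accepted: %s\n", label, tls.CipherSuiteName(id))
		}
	}
}
```

To verify the finding or the fix on a real node, call negotiatedSuite with host:9100 (and 9105, 9882) in place of the loopback address: 0 with a nil error means the 3DES suites were refused, a non-zero id means the port still accepts them, and an error means the port could not be reached at all and the result is not a cipher verdict.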