OpenSSL CVE-2016-2183 Information Disclosure Vulnerability

Description

Severity: Low

SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.

OpenSSL 1.0.2 users should upgrade to 1.0.2i
OpenSSL 1.0.1 users should upgrade to 1.0.1u

This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
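A configuration check for the mitigation described above, as an added example that is not part of the original advisory or of OpenSSL: it expands a cipher string with the locally linked OpenSSL and reports any suite that uses a 64-bit block cipher. It goes slightly beyond the DES-based suites named in the advisory by also flagging IDEA and RC2, which have 64-bit blocks as well; the function names and the sample suite list are constructed for illustration.

```python
import ssl

# Name tokens that mark a 64-bit block cipher in OpenSSL or IANA suite names.
# DES/3DES are the suites the advisory names; IDEA and RC2 are added here
# because they also use 64-bit blocks (an extension, not from the advisory).
BLOCK64_TOKENS = {"DES", "3DES", "IDEA", "RC2"}


def uses_64bit_block(suite_name):
    """Return True if the suite name contains a 64-bit block cipher token."""
    # Split on '-' (OpenSSL names) and '_' (IANA names) and compare whole
    # tokens, so "ECDHE" or "AES128" never match by substring accident.
    tokens = suite_name.upper().replace("_", "-").split("-")
    return any(tok in BLOCK64_TOKENS for tok in tokens)


def flag_suites(names):
    """Filter an iterable of suite names down to the SWEET32-exposed ones."""
    return [n for n in names if uses_64bit_block(n)]


def audit_cipher_string(cipher_string):
    """Expand a cipher string with the local OpenSSL and flag 64-bit suites.

    The result depends on the OpenSSL build Python is linked against: builds
    from before the fix still expand HIGH to include DES-CBC3-SHA, while
    current builds usually compile these suites out entirely.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return flag_suites(c["name"] for c in ctx.get_ciphers())


# Constructed sample: suite names as they might appear in a scanner report.
SAMPLE_SUITES = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-DES-CBC3-SHA",
    "DES-CBC3-SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "IDEA-CBC-SHA",
    "TLS_AES_256_GCM_SHA384",
]

if __name__ == "__main__":
    print("OpenSSL in use:", ssl.OPENSSL_VERSION)
    print("Flagged in sample report:", flag_suites(SAMPLE_SUITES))
    for cs in ("HIGH", "HIGH:!3DES"):
        print(f"{cs!r} expands to 64-bit suites:", audit_cipher_string(cs))
```

An empty list for the cipher string a server is actually configured with means no 64-bit block suite can be negotiated by that build.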

Affected Applications

OpenSSL

CVE References

CVE-2016-2183