PSIRTCVE-2016-2183 - 3DES Vulnerability - SWEET32
Summary
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
https://nvd.nist.gov/vuln/detail/CVE-2016-2183
https://nvd.nist.gov/vuln/detail/CVE-2016-6329
| Version | Affected | Solution |
|---|---|---|
| FortiAnalyzer 6.2 | Not affected | Not Applicable |
| FortiAnalyzer 6.0 | 6.0.2 | Upgrade to 6.0.3 or above |
| FortiAnalyzer 5.6 | Not affected | Not Applicable |
| FortiAnalyzer 5.4 | 5.4.6 through 5.4.7 | Migrate to a fixed release |
| FortiAnalyzer 5.4 | 5.4.0 through 5.4.1 | Migrate to a fixed release |
| FortiAnalyzer 5.2 | 5.2.0 through 5.2.9 | Migrate to a fixed release |
| FortiCache 4.2 | 4.2.8 | Upgrade to 4.2.9 or above |
| FortiCache 4.1 | 4.1.1 | Upgrade to 4.1.2 or above |
| FortiCache 4.0 | 4.0 all versions | Migrate to a fixed release |
| FortiCache 3.1 | 3.1 all versions | Migrate to a fixed release |
| FortiCache 3.0 | 3.0 all versions | Migrate to a fixed release |
| FortiCache 2.3 | 2.3 all versions | Migrate to a fixed release |
| FortiCache 2.2 | 2.2 all versions | Migrate to a fixed release |
| FortiCache 2.1 | 2.1 all versions | Migrate to a fixed release |
| FortiCache 2.0 | 2.0 all versions | Migrate to a fixed release |
| FortiCache 1.0 | 1.0 all versions | Migrate to a fixed release |
| FortiCache 0.4 | 0.4.10 | Migrate to a fixed release |
| FortiClientEMS 7.2 | 7.2.0 | Upgrade to 7.2.1 or above |
| FortiClientEMS 7.0 | 7.0.6 through 7.0.8 | Upgrade to 7.0.9 or above |
| FortiClientEMS 7.0 | 7.0.0 through 7.0.4 | Upgrade to 7.0.9 or above |
| FortiClientEMS 1.2 | 1.2.1 | Migrate to a fixed release |
| FortiClientEMS 1.0 | 1.0.0 through 1.0.2 | Migrate to a fixed release |
| FortiManager 6.2 | Not affected | Not Applicable |
| FortiManager 6.0 | 6.0.2 | Upgrade to 6.0.3 or above |
| FortiManager 5.6 | Not affected | Not Applicable |
| FortiManager 5.4 | 5.4.6 through 5.4.7 | Migrate to a fixed release |
| FortiManager 5.4 | 5.4.0 through 5.4.1 | Migrate to a fixed release |
| FortiManager 5.2 | 5.2.0 through 5.2.9 | Migrate to a fixed release |
| FortiOS 5.6 | Not affected | Not Applicable |
| FortiOS 5.4 | 5.4.0 through 5.4.1 | Upgrade to 5.4.2 or above |
| FortiOS 5.2 | 5.2.12 | Upgrade to 5.2.10 or above |
| FortiOS 5.2 | 5.2.9 | Upgrade to 5.2.10 or above |
| FortiOS 5.0 | 5.0.14 | Upgrade to 5.0.15 or above |
| FortiPortal 5.0 | 5.0.0 | Upgrade to 5.0.1 or above |
| FortiSwitch 6.2 | Not affected | Not Applicable |
| FortiSwitch 6.0 | 6.0.0 through 6.0.1 | Upgrade to 6.0.2 or above |
| FortiSwitch 3.6 | 3.6.7 | Upgrade to 3.6.8 or above |
FortiOS Web adminUI:
After the upgrade ensure following CLI command set:
config system global
set strong-crypto enable
end
FortiOS SSL VPN Web Portal:
After the upgrade ensure ensure following CLI command set:
config vpn ssl settings
set algorithm high
end
Alternative, start from FortiOS 5.4.1, using following CLI command can disable 3des ciphers:
config vpn ssl settings
set banned-cipher 3DES
end
FortiOS VIP, WANOpt, VoIP:
After the upgrade ensure following CLI command set:
config wanopt settings
et tunnel-ssl-algorithm high
end
config firewall ssl-server
set ssl-algorithm high
end
config voip profile
edit [profile-name]
config sip
set ssl-algorithm high
end
next
end
config firewall vip
edit [vip-name]
set type server-load-balance
set server-type ssl
set ssl-algorithm high
next
end
config web-proxy explicit
set ssl-algorithm high
end
FortiOS webfilter override and authentication service:
After the upgrade ensure following CLI command set:
config system global
set strong-crypto enable
end