SWEET32 vulnerability of 64 bit ciphers (3DES/Blowfish) - CVE-2016-2183

Description

A vulnerability scan on the HTTPS management port or SSL-VPN port shows that the SonicWall is vulnerable to the SWEET 32 attack on 64 bit ciphers (3DES/Blowfish)

Unaffected firmware versions:

  • 6.2.5.2-32n and above
  • 6.2.6.0-20n and above
  • 6.2.7.1-23n and above
  • 5.9.1.8-10o and above

Affected firmware versions:

  • 6.2.5.1-26n and below
  • 6.1.1.12-41n and below
  • 6.1.2.6-27n and below
  • 5.9.1.7-2o and below
  • 5.8.4.2-13o and below

Cause

Previous SonicWall firmware allows the use of 3DES for TLS connections and is therefore vulnerable to the SWEET 32 attack described in CVE-2016-2183.

Resolution

This issue has been fixed in the latest general release firmware.

To download release notes and firmware please visit www.mysonicwall.com. To upgrade SonicOS firmware please see How to Upgrade SonicOS Firmware.

Related Articles

  • How to block ICMP (Ping ) using Application control
    Read More
  • SonicWall GEN8 TZ and NSa Firewalls FAQ
    Read More
  • How to configure Link Aggregation
    Read More

Categories

Firewalls
NSa Series
Firewalls
TZ Series
not finding your answers?
Ask the Community