Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

TLS Triple-DES Key Exchange Detection (Sweet32)

Low

Synopsis

The remote host is configured to allow weak, Triple-DES encryption.

Description

The remote host is running the TLS protocol. Further, the host allows Triple-DES key exchanges during session setup. Ciphers that use 3DES are prone to birthday attacks, where an attacker who is able to cause enough cryptographic collisions can recover a stored session cookie or other sensitive information through the use of malicious Javascript.

Solution

Configure the device to only allow strong encryption.