F5 Networks BIG-IP : OpenSSL vulnerability (K13167034)
Medium Nessus Plugin ID 97477
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a 'Sweet32' attack.(CVE-2016-2183)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K13167034.