SSL 64-bit Block Size Cipher Suites Supported (SWEET32)

Low Nessus Network Monitor Plugin ID 7222


The remote host supports the use of 64-bit block ciphers.


The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a 'birthday' attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session. Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours. Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability.


Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability.

See Also

Plugin Details

Severity: Low

ID: 7222

Version: 1.0

Family: Generic

Published: 2016/08/24

Updated: 2018/08/16

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 2.6

Temporal Score: 2.5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:ND/RC:C

Vulnerability Information

Patch Publication Date: 2016/08/24

Vulnerability Publication Date: 2016/08/24