TLS Triple-DES Key Exchange Detection (Sweet32) (deprecated)

Low Nessus Network Monitor Plugin ID 7223


The remote host is configured to allow weak, Triple-DES encryption.


The remote host is running the TLS protocol. Further, the host allows Triple-DES key exchanges during session setup. Ciphers that use 3DES are prone to birthday attacks, where an attacker who is able to cause enough cryptographic collisions can recover a stored session cookie or other sensitive information through the use of malicious Javascript.


Configure the device to only allow strong encryption.

See Also,,"

Plugin Details

Severity: Low

ID: 7223

File Name: 7223.pasl

Version: 1.0

Family: Generic

Published: 2016/08/24

Modified: 2016/08/31

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 2.5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:ND/RC:C

Vulnerability Information

Patch Publication Date: 2016/08/24

Vulnerability Publication Date: 2016/08/24