CVE-2016-6329

moderate-risk

Published 2017-01-31

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

Do I need to act?

5.5% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.9/10 Medium

NETWORK / HIGH complexity

Affected Products (1)

Openvpn

Affected Vendors

Openvpn

References (20)

Permissions Required http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697

Third Party Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21991482

Third Party Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21995039

Third Party Advisory http://www.securityfocus.com/bid/92631

Third Party Advisory http://www.securitytracker.com/id/1036695

https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf

Vendor Advisory https://community.openvpn.net/openvpn/wiki/SWEET32

Third Party Advisory https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c...

Third Party Advisory https://security.gentoo.org/glsa/201611-02

Technical Description https://sweet32.info/