Reset Search
 

 

Article

Is XOS vulnerable to 'Sweet32' (ref CVE-2016-2183)

« Go Back

Information

 
TitleIs XOS vulnerable to 'Sweet32' (ref CVE-2016-2183)
Question
Is XOS vulnerable to 'Sweet32' (ref CVE-2016-2183)
 
Environment
All XOS switches
Answer
XOS is not significantly vulnerable to the "SSL 64-bit Block Size Cipher Suites Supported" (SWEET32) security threat.

SSL: ExtremeXOS uses the thttpd webserver that is not vulnerable to this type of attack because thttpd does not support persistent SSL connections, which is a requirement of the exploit.

SSH: is potentially more vulnerable depending on the ciphers used. ExtremeXOS allows you to mitigate this vulnerability by configuring the advertised ciphers.

For more information about SWEET32 threat, see:
      https://sweet32.info
      https://www.openssl.org/blog/blog/2016/08/24/sweet32/
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255