Описание
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
Ссылки
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Technical DescriptionThird Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Technical DescriptionThird Party Advisory
Уязвимые конфигурации
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
OpenVPN, when using a 64-bit block cipher, makes it easier for remote ...
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
Уязвимость программного обеспечения OpenVPN, связанная с проблемами использования шифрования с 64-битным блоком, позволяющая нарушителю восстановить исходное сообщение
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2