cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL 64-bit Block Size Cipher Suites Supported (SWEET32):host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers

rebin_parathana
Newcomer

Hi Team,

We have implemented a appmon solution & now we come across a security clearance issue which is known as sweet32. Please find the detail below which is shared by the client:

Vulnerability Name: SSL 64-bit Block Size Cipher Suites Supported (SWEET32)

Description: The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers.

Impact: A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, resulting in disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session.

Mitigation Action: Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers.

Also refer below links for detail understanding regarding sweet32

https://sweet32.info
https://www.openssl.org/blog/blog/2016/08/24/sweet32/

Please tell me is this issue related to dynatrace? if yes then please provide the solution how we can resolve this.


3 REPLIES 3

rebin_parathana
Newcomer

james_kitson
Dynatrace Leader
Dynatrace Leader

EDIT: Actually I've found on this security alerts page and it looks like AppMon is not affected by this. The only Dynatrace product that is at all relevant here is DC RUM. I'd bookmark the following page as well:

https://www.dynatrace.com/support/security-alerts/

Although the following page is for Dynatrace SaaS and Managed I would still go this route and contact security@dynatrace.com - at the very least they should be able to get you in touch with some staff with more knowledge in this area.

https://help.dynatrace.com/data-security/policies-...

James

Thank You James, i think it will help