How to disable DES and 3DES ciphers in Log Insight to address CVE-2016-2183 Sweet32 vulnerability

Article ID: 340394

Products

VMware Aria Suite

Issue/Introduction

This article explains how to address the CVE-2016-2183 "Sweet32" vulnerability in Log Insight.


Environment

VMware vRealize Log Insight 4.5.x
VMware vRealize Log Insight 4.3.x

Cause

CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data through a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.

Resolution

To resolve this issue, complete this procedure on all nodes within the cluster:
 
  1. Open this file using a text editor:

    /usr/java/default/lib/security/java.security
     
  2. Find this disabled algorithms tag in the file:

    jdk.tls.disabledAlgorithms=
     
  3. Add the DES and 3DES (DESede) cipher values to the disabled algorithms tag:

    jdk.tls.disabledAlgorithms=SSLv3, DES, DESede, RC4, MD5withRSA
     
  4. Restart the Log Insight service:

    service loginsight restart
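
Because the change has to be made on every node, it helps to check each node's file mechanically after editing. The script below is an added example, not part of the original article or of VMware's tooling: it reads the effective `jdk.tls.disabledAlgorithms` value (including backslash-continued lines) and confirms that `DES` and `DESede` are both whole entries in it. The function names and the two sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a java.security file for the Sweet32 mitigation.
# disabled_algs / has_algs are hypothetical helper names.

# Print the effective jdk.tls.disabledAlgorithms value from the file $1.
# Joins backslash-continued lines, skips comment lines; last definition wins.
disabled_algs() {
    awk '{
        if (cont) { sub(/^[ \t]+/, ""); line = line $0 } else { line = $0 }
        cont = 0
        if (line ~ /^[ \t]*[#!]/) next
        if (line ~ /\\$/) { sub(/\\$/, "", line); cont = 1; next }
        if (line ~ /^[ \t]*jdk\.tls\.disabledAlgorithms[ \t]*[=:]/) {
            sub(/^[^=:]*[=:][ \t]*/, "", line); val = line
        }
    } END { print val }' "$1"
}

# Return 0 only if every algorithm in $2.. is a whole entry of that list.
# Whole-entry matching keeps "DESede" from satisfying a check for "DES".
# Names are compared exactly as the article spells them.
has_algs() {
    file=$1; shift
    entries=$(disabled_algs "$file" | tr ',' '\n' |
              sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
    for alg in "$@"; do
        printf '%s\n' "$entries" | grep -qxF -- "$alg" || return 1
    done
}

# Constructed sample files: one unpatched, one patched using a continued line.
dir=$(mktemp -d)
printf '%s\n' '# TLS settings' \
    'jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA' > "$dir/before"
printf '%s\n' 'jdk.tls.disabledAlgorithms=SSLv3, DES, DESede, \' \
    '    RC4, MD5withRSA' > "$dir/after"

for f in "$dir/before" "$dir/after"; do
    if has_algs "$f" DES DESede; then
        echo "$f: DES and DESede are disabled"
    else
        echo "$f: NOT mitigated (current value: $(disabled_algs "$f"))"
    fi
done
```

On a node, point `has_algs` at `/usr/java/default/lib/security/java.security` instead of the sample files. The new value is only in effect once the Log Insight service has been restarted.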