SA133 : SWEET32 Birthday Attack against DES, 3DES, and Blowfish

Click to Subscribe
Security Advisory ID: 
SA133
Published Date: 
Dec 22, 2016
Advisory Status: 
Interim
Advisory Severity: 
Medium
CVSS v2 base score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE Number: 
CVE-2016-2183 - 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Blue Coat products that use the DES, 3DES, and Blowfish symmetric encryption ciphers in long-lived encrypted SSL/TLS, SSH, or VPN connections are susceptible to the SWEET32 birthday attack.  A remote attacker with the ability to observe a long-lived encrypted connection can obtain plaintext, such as authentication credentials, without knowing the secret encryption key.

Affected Products:

The following products are vulnerable:

Advanced Secure Gateway
ASG 6.6 enables 3DES and Blowfish by default for the SSH management console.  It also enables DES and 3DES by default for the SSL forward proxy.  ASG 6.6 also enables 3DES by default for the HTTPS management console, SSL reverse proxy, and SSL device profiles.  See Workarounds section for instructions to disable the insecure ciphers for all interfaces.

BCAAA
BCAAA 6.1 enables DES and 3DES for LDAPS connections for Novell SSO realm authentication.  DES and 3DES cannot be disabled.

CacheFlow
CacheFlow 3.4 enables 3DES and Blowfish for the SSH management console.  They cannot be disabled.  CacheFlow 3.4 also enables 3DES by default for the HTTPS management console.  It also enables DES and 3DES by default for SSL device profiles.  See Workarounds section for instructions to disable DES and 3DES for the SSL interfaces.

Client Connector
Client Connector 1.6 enables DES and 3DES for SSL connections to Cloud.  The connections are short-lived and do not contain sufficient amount of encrypted plaintext to exploit CVE-2016-2183.  DES and 3DES can be disabled for Client Connector on Windows.  See Workarounds section for instructions.

Cloud Data Protection for Salesforce
CDP-SFDC 2.5, 4.6, and 4.7 enable 3DES by default for all SSL interfaces.  CDP-SFDC 4.9, 4.10, and 4.12 disable 3DES by default in newly initialized systems.  See Workarounds section for instructions to ensure that 3DES is disabled.

Cloud Data Protection for Salesforce Analytics
CDP-WAVE 4.7 enables 3DES by default for all SSL interfaces.  CDP-WAVE 4.9 and 4.10 disable 3DES by default in newly initialized systems.  See Workarounds section for instructions to ensure that 3DES is disabled.

Cloud Data Protection for ServiceNow
CDP-SNOW 4.6 and 4.7 enable 3DES by default for all SSL interfaces.  CDP-SNOW 4.9, 4.10, and 4.12 disable 3DES by default in newly initialized systems.  See Workarounds section for instructions to ensure that 3DES is disabled.

Cloud Data Protection Communication Server
CDP-COMMSVR 2.4, 2.5, 4.6, and 4.7 enable 3DES by default for all SSL interfaces.  CDP-COMMSVR 4.9, 4.10, and 4.12 disable 3DES by default for newly initialized systems.  See Workarounds section for instructions to ensure that 3DES is disabled.

Cloud Data Protection Integration Server
CDP-INTSVR 4.6, 4.7, and 4.8 enable 3DES by default for all SSL interfaces.  CDP-INTSVR 4.9, 4.10, and 4.12 disable 3DES by default for newly initialized systems.  See Workarounds section for instructions to ensure that 3DES is disabled.

Cloud Data Protection Policy Builder
CDP-PBUILDER 4.6 and 4.7 enable 3DES by default for all SSL interfaces.  CDP-PBUILDER 4.9 and 4.10 disable 3DES by default for newly initialized systems.  See Workarounds section for instructions to ensure that 3DES is disabled.

Content Analysis System
CAS 1.3 enables 3DES for the HTTPS management console, SSH management CLI, SSH connections to FireEye AX, SFTP connections to Reporter, and LDAPS connections.  It also enables 3DES for SSL connections to Blue Coat, Malware Analysis, and Lastline.  3DES cannot be disabled for those interfaces.  CAS 1.3 also enables 3DES by default for the secure ICAP server.  See Workarounds section for instructions to disable 3DES for the secure ICAP server.  CAS 2.1 enables 3DES for SSL connections to Blue Coat, Malware Analysis, and Lastline.  3DES cannot be disabled for those interfaces.  CAS 2.1 disables 3DES by default for the secure ICAP server.

Director
Director 6.1 enables 3DES for the SSH CLI, SSH connections to ProxySG, SSH connections to other Director appliances, SSL connections to Blue Coat, and SSL connections for software update downloads.  3DES cannot be disabled.

IntelligenceCenter
IC 3.3 enables DES and 3DES for the web UI, SSL connections from and to IntelligenceCenter Data Collector, and SSL connections to PacketShaper.  DES and 3DES cannot be disabled.

IntelligenceCenter Data Collector
DC 3.3 enables DES and 3DES for the web UI, SSL connections from and to IntelligenceCenter, and SSL connections to PacketShaper.  DES and 3DES cannot be disabled.

Malware Analysis Appliance
MAA 4.2 enables 3DES by default for the management CLI and SSL connections to Blue Coat.  It cannot be disabled.  3DES is disabled by default for the management web UI.

Mail Threat Defense
MTD 1.1 enables 3DES for the HTTPS management console, SSH management CLI, SSH connections to FireEye AX, SFTP connections to Reporter, and LDAPS connections.  It also enables 3DES for SSL connections to Blue Coat, Malware Analysis, and Lastline.  3DES cannot be disabled for those interfaces.

Management Center
MC 1.7 and 1.8 enable 3DES for the management CLI, SSH failover connections, and SSL connections to Blue Coat.  MC 1.9 enables 3DES for SSL connections to Blue Coat.  3DES cannot be disabled.

Norman Shark Industrial Control System Protection
ICSP 5.3 enables 3DES and Blowfish by default for the management CLI.  It also enables 3DES by default for the web UI.  See Workarounds section for instructions to disable them.

Norman Shark Network Protection
NNP 5.3 enables 3DES and Blowfish by default for the management CLI.  It also enables 3DES by default for the web UI.  See Workarounds section for instructions to disable them.

Norman Shark SCADA Protection
NSP 5.3 enables 3DES and Blowfish by default for the management CLI.  It also enables 3DES by default for the web UI.  See Workarounds section for instructions to disable them.

PacketShaper
PS 9.2 prior to 9.2.13p2 enables DES and 3DES for the management CLI and all SSL interfaces.  3DES cannot be disabled.

PacketShaper S-Series
PS S-Series 11.5, 11.6, and 11.7 enable 3DES for the management CLI, SSL connections to Blue Coat, and LDAPS connections to PolicyCenter S-Series.  3DES cannot be disabled for those interfaces.  PS S-Series 11.5, 11.6, and 11.7 disable 3DES by default for the web UI.  See Workarounds section for instructions to ensure that 3DES is disabled for the web UI.

PolicyCenter
PC 9.2 prior to 9.2.13p2 enables DES and 3DES for the management CLI and all SSL interfaces.  3DES cannot be disabled.

PolicyCenter S-Series
PC S-Series 1.1 enables 3DES for the management CLI and SSL connections to Blue coat.  PC S-Series 1.1 prior 1.1.2.2 also enables 3DES for the LDAPS server.  3DES cannot be disabled for those interfaces.  It disables 3DES by default for the web UI.  See Workarounds section for instructions to ensure that 3DES is disabled for the web UI.

ProxyAV
ProxyAV 3.5 enables 3DES for the HTTPS management console, secure ICAP server, and SSL clients connections.  See Workarounds sections for instructions to disable 3DES.

ProxyClient
ProxyClient 3.4 enables DES and 3DES for SSL connections to Cloud.  The connections are short-lived and do not contain sufficient amount of encrypted plaintext to exploit CVE-2016-2183.  DES and 3DES can be disabled for ProxyClient on Windows.  See Workarounds section for instructions.

ProxySG
ProxySG 6.5 and 6.6 enable 3DES and Blowfish by default for the SSH management console.  They also enable 3DES by default for the HTTPS management console, SSL reverse proxy, and SSL device profiles.  ProxySG 6.7 disables 3DES and Blowfish by default for the HTTPS management console in newly initialized systems. It also disables DES and 3DES by default for the HTTPS management console, SSL reverse proxy, and SSL device profiles in newly initialized systems.  All versions of ProxySG enable DES and 3DES for the SSL forward proxy.  See Workarounds section for instructions to disable the insecure ciphers for all interfaces.

SSL Visibility
SSLV 3.8.4FC, 3.9 prior to 3.9.7.1, and 3.10 prior to 3.10.2.1 enable 3DES for BCWF connections and SMTP alerts.  3DES cannot be disabled.  SSLV 3.11 is not vulnerable.  SSLV 4.0 enable 3DES for SSL connections to Blue Coat.

Unified Agent
UA 4.1, 4.6, and 4.7 enable DES and 3DES for SSL connections to ProxySG and Cloud.  The connections are short-lived and do not contain sufficient amount of encrypted plaintext to exploit CVE-2016-2183.  DES and 3DES can be disabled for Unified Agent on Windows.  See Workarounds section for instructions.

X-Series XOS
XOS 9.7, 10.0, and 11.0 enable by default 3DES for the management web UI and CLI.

The following products are not vulnerable:
Android Mobile Agent
AuthConnector
Blue Coat HSM Agent for the Luna SP
Cloud Data Protection for Oracle Sales Cloud
General Auth Connector Login Application
K9
ProxyAV ConLog and ConLogXP

The following products are under investigation:
Reporter
Security Analytics

Blue Coat no longer provides vulnerability information for the following products:

DLP
Please, contact Digital Guardian technical support regarding vulnerability information for DLP.

Advisory Details: 

Blue Coat products that support DES, 3DES, or Blowfish block symmetric encryption ciphers in long-lived SSL/TLS, SSH, and VPN connections are vulnerable to the SWEET32 birthday attack.

Block symmetric encryption ciphers have a limit on the number of blocks of plaintext that can be securely encrypted with the same key.  This limit stems from the "birthday paradox" and is known as the birthday bound.  The birthday bound depends on the cipher block size and is 2N/2 blocks for a cipher with block size N and a cipher mode such as CBC.  If two communicating parties encrypt plaintext with the same key and reach the birthday bound, there is a significant probability for ciphertext collisions, where two different plaintexts are encrypted to the same ciphertext. When the CBC block cipher mode is used, each ciphertext collision reveals the XOR of the two plaintexts that were encrypted.

The DES, 3DES, and Blowfish encryption ciphers use block size of 64 bits.  It is sufficient to encrypt 32GB of plaintext with the same key to reach the birthday bound.  The SSL/TLS, SSH, and VPN protocols support encryption with 64-bit block ciphers in CBC mode and do not renegotiate encryption keys within the same secure session.  If two communicating parties exchange a sufficient amount of data over a long-lived SSL/TLS, SSH, or VPN session, a man-in-the-middle (MITM) attacker can obtain XORs of pairs of plaintext.  If the attacker can control or guess one of the plaintexts, they can obtain the other plaintext without knowing the secret encryption key.

The Blue Coat HSM Agent for the Luna SP is not vulnerable to CVE-2016-2183, but the underlying Apache Tomcat server on the SafeNet LunaSP3 may be vulnerable.  Customers should contact SafeNet for more information about CVE-2016-2183.

Workarounds: 

Blue Coat's ProxySG appliance can be used to prevent attacks using CVE-2016-2183.  Customers using ProxySG as a forward proxy can protect SSL clients and servers by blocking in policy SSL flows that use 3DES cipher suites.  ProxySG 6.5 and 6.6 customers can use the following CPL syntax:

<SSL>
client.connection.negotiated_cipher=list-of_DES_and_DES-CBC3_ciphers deny
<SSL>
server.connection.negotiated_cipher=list_of_DES_and_DES-CBC3_ciphers deny

Blue Coat's SSLV appliance can also be used to prevent attacks using CVE-2016-2183.  Customers using SSLV in inline deployments can protect SSL clients and servers by blocking in policy SSL flows that use 3DES cipher suites.  SSLV 3.x customers can use the following configuration steps:

  1. Open the Policies > Cipher Suites Lists web UI page and create a new cipher suites list.
  2. Select the new cipher suites list and use the Add button in the Cipher Suites panel repeatedly to add all DES and 3DES cipher suites to the list. The cipher suites have the strings "DES" and “3DES" in their names.
  3. In the Policies > Rulesets web UI page, select the desired ruleset and add a “Drop” or “Reject” rule using the new cipher suites list. If necessary, re-order the rules in the ruleset to ensure that the new rule has the correct priority.

CVE-2016-2183 can be remediated on CacheFlow by ensuring that 3DES cipher suites are disabled for the HTTPS management console and all SSL device profiles.  Customers should use the following steps in configuration mode to disables all 3DES cipher suites:

#(config) management-services
#(config management-services) edit HTTPS-Console
#(config HTTPS-Console) attribute cipher-suite list_excluding_DES_and_DES-CBC3_cipher_suites
#(config HTTPS-Console) exit
#(config management-services) exit
#(config) ssl
#(config ssl) edit ssl-device-profile profile_name
#(config device-profile profile_name) cipher-suite list_excluding_DES_and_DES-CBC3_cipher_suites
#(config device-profile profile_name) exit
#(config ssl) exit

CVE-2016-2183 can be remediated on Client Connector for Windows by disabling 3DES cipher suites for SSL client connections.  Customers can use the "Local Computer Policy/Computer Configuration/Administrative Templates/Network/SSL Configuration Settings/SSL Cipher Suite Order" setting in the Windows Local Group Policy Editor (gpedit.msc) to disable 3DES cipher suites.

CVE-2016-2183 can be remediated on CDP by disabling 3DES cipher suites for all SSL interfaces.  Customers can add the "DESede" algorithm name to the jdk.tls.disabledAlgorithms JVM property for all CDP components.

CVE-2016-2183 can be remediated on CAS by disabling 3DES cipher suites for the secure ICAP server.  To view the enabled SSL cipher suites, access the CAS management console and navigate to the "Settings > ICAP" page.  Deselect all DES-CBC3 cipher suites under "Cipher Selection" and save the changes.

CVE-2016-2183 can be remediated on ICSP, NNP, and NSP by disabling 3DES and Blowfish for the web UI and CLI.  Customers should remove DES-CBC3-SHA from the ssl_ciphers list in the nginx web server configuration file, add the following line to the SSH daemon configuration file:

Ciphers aes256-ctr,aes192-ctr,aes128-ctr

and reboot the system.

CVE-2016-2183 can be remediated on PacketShaper S-Series by disabling 3DES for the web UI.  Customers should use the following CLI command:

sys set useStrongCiphers 1

CVE-2016-2183 can be remediated on PolicyCenter S-Series by disabling 3DES for the web UI.  Customers should use the following CLI command:

pc setup ssl strength strong

CVE-2016-2183 can be remediated on ProxyAV by disabling 3DES cipher suites for SSL clients, the management console and the secure ICAP server.  To view the enabled SSL cipher suites, access the ProxyAV management console.  Navigate to "Advanced/SSL Client" for the SSL client settings, "Network/Ciphers suite lists for HTTPS administration" for the management console settings and "ICAP Settings" for the secure ICAP server settings.  Deselect all DES-CBC3 cipher suites and save the changes on each of these pages.

CVE-2016-2183 can be remediated on ProxyClient for Windows by disabling 3DES cipher suites for SSL client connections.  Customers can use the "Local Computer Policy/Computer Configuration/Administrative Templates/Network/SSL Configuration Settings/SSL Cipher Suite Order" setting in the Windows Local Group Policy Editor (gpedit.msc) to disable 3DES cipher suites.

CVE-2016-2183 can be remediated for the SSH management console, HTTPS management console, SSL reverse proxy, and SSL device profiles on ASG and ProxySG by disabling Blowfish, DES, and 3DES ciphers.  Customers can use the following CLI commands in configuration mode:

#(config) ssh-console
#(config ssh-console) ciphers remove 3des-cbc
#(config ssh-console) ciphers remove blowfish-cbc
#(config ssh-console) exit
#(config) management-services
#(config management-services) edit HTTPS-Console
#(config HTTPS-Console) attribute cipher-suite
<select_list_excluding_DES_and_DES-CBC3_cipher_suites>
#(config HTTPS-Console) exit
#(config management-services) exit
#(config) proxy-services
#(config proxy-services) edit service_name
#(config service_name) attribute cipher-suite
<select_list_excluding_DES_and_DES-CBC3_cipher_suites>
#(config service_name) exit
#(config proxy-services) exit
#(config) ssl
#(config ssl) edit ssl-device-profile profile_name
#(config device-profile profile_name) cipher-suite
<select_list_excluding_DES_and_DES-CBC3_cipher_suites>
#(config device-profile profile_name) exit
#(config ssl) exit

DES and 3DES cipher suites cannot be disabled for the SSL forward proxy.  ProxySG 6.5 and 6.6 customers can use the following CPL syntax in policy to block intercepted SSL flows that use DES and 3DES cipher suites:

<SSL>
client.connection.negotiated_cipher=list_of_DES_and_DES-CBC3_cipher_suites deny
<SSL>
server.connection.negotiated_cipher=list_of_DES_and_DES-CBC3_cipher_suites deny

CVE-2016-2183 can be remediated on Unified Agent for Windows by disabling DES and 3DES cipher suites for SSL client connections.  Customers can use the "Local Computer Policy/Computer Configuration/Administrative Templates/Network/SSL Configuration Settings/SSL Cipher Suite Order" setting in the Windows Local Group Policy Editor (gpedit.msc) to disable DES and 3DES cipher suites.

Patches: 

Advanced Secure Gateway
ASG 6.6 - a fix is not available at this time.

BCAAA
BCAAA 6.1 - a fix will not be provided.  An updated Novell SSO SDK is no longer available.  Please, contact Novell for more information.

CacheFlow
CacheFlow 3.4 - a fix is not available at this time.

Client Connector
Client Connector 1.6 - a fix will not be provided.  Please upgrade to the latest version of Unified Agent with the vulnerability fixes.

Cloud Data Protection for Salesforce
CDP-SFDC 4.9 - 3DES is disabled by default for all SSL interfaces in 3.9.1.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.
CDP-SFDC 4.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-SFDC 4.6 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-SFDC 2.5 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Cloud Data Protection for Salesforce Analytics
CDP-WAVE 4.9 - 3DES is disabled by default for all SSL interfaces in 3.9.1.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.
CDP-WAVE 4.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Cloud Data Protection for ServiceNow
CDP-SNOW 4.9 - 3DES is disabled by default for all SSL interfaces in 3.9.1.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.
CDP-SNOW 4.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-SNOW 4.6 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Cloud Data Protection Communication Server
CDP-COMMSVR 4.9 - 3DES is disabled by default for all SSL interfaces in 3.9.1.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.
CDP-COMMSVR 4.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-COMMSVR 4.6 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-COMMSVR 2.5 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-COMMSVR 2.4 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Cloud Data Protection Integration Server
CDP-INTSVR 4.9 - 3DES is disabled by default for all SSL interfaces in 3.9.1.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.
CDP-INTSVR 4.8 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-INTSVR 4.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-INTSVR 4.6 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Cloud Data Protection Policy Builder
CDP-PBUILDER 4.9 - 3DES is disabled by default for all SSL interfaces in 3.9.1.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.
CDP-PBUILDER 4.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
CDP-PBUILDER 4.6 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Content Analysis System
CAS 2.1 - a fix is not available at this time.
CAS 1.3 - a fix is not available at this time.

Director
Director 6.1 - a fix is not available at this time.

IntelligenceCenter
IC 3.3 - a fix is not available at this time.

IntelligenceCenter Data Collector
DC 3.3 - a fix is not available at this time.

Malware Analysis Appliance
MAA 4.2 - a fix is not available at this time.

Mail Threat Defense
MTD 1.1 - a fix is not available at this time.

Management Center
MC 1.9 - a fix is not available at this time.
MC 1.8 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
MC 1.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Norman Shark Industrial Control System Protection
ICSP 5.3 - a fix is not available at this time.

Norman Shark Network Protection
NNP 5.3 - a fix is not available at this time.

Norman Shark SCADA Protection
NSP 5.3 - a fix is not available at this time.

PacketShaper
PS 9.2 - 3DES is disabled in 9.2.13p2 for the management CLI and all SSL interfaces except LDAPS connections to the Oracle Directory Server.  3DES support for LDAPS connections is required by the Oracle Directory Server.

PacketShaper S-Series
PS S-Series 11.7 - a fix is not available at this time.
PS S-Series 11.6 - a fix is not available at this time.
PS S-Series 11.5 - a fix is not available at this time.

PolicyCenter
PC 9.2 - 3DES is disabled in 9.2.13p2 for the management CLI and all SSL interfaces except LDAPS connections to the Oracle Directory Server.  3DES support for LDAPS connections is required by the Oracle Directory Server.

PolicyCenter S-Series
PC S-Series 1.1 - a fix is not available at this time.

ProxyAV
ProxyAV 3.5 - a fix is not available at this time.

ProxyClient
ProxyClient 3.4 - a fix will not be provided.  Please upgrade to the latest version of Unified Agent with the vulnerability fixes.

ProxySG
ProxySG 6.7 - 3DES and Blowfish are disabled by default in 6.7.1.1 for the SSH management console.  3DES is also disabled by default in 6.7.1.1 for the HTTPS management console, HTTPS reverse proxy, and SSL device profiles.  The algorithms are disabled only for newly initialized systems - see Workarounds section for instructions to ensure that 3DES and Blowfish are disabled after a software upgrade.
ProxySG 6.6 - 3DES is disabled by default for all SSL interfaces in 6.6.5.2.  3DES is disabled only for newly initialized systems - see Workarounds section for instructions to disable 3DES after a software upgrade.  A fix is not available for the management CLI at this time.
ProxySG 6.5 - a fix is not available at this time.

SSL Visibility
SSLV 4.0 - a fix is not available at this time.
SSLV 3.11 - a fix is available in 3.11.1.1.
SSLV 3.10 - a fix is available in 3.10.2.1.
SSLV 3.9 - a fix is available in 3.9.7.1.
SSLV 3.8.4FC - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

Unified Agent
UA 4.7 - a fix is not available at this time.
UA 4.6 - a fix will not be provided.  Please, upgrade to the latest version with the vulnerability fixes.
UA 4.1 - a fix will not be provided.  Please, upgrade to the latest version with the vulnerability fixes.

X-Series XOS
XOS 11.0 - a fix is not available at this time.
XOS 10.0 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.
XOS 9.7 - a fix will not be provided.  Please upgrade to a later version with the vulnerability fixes.

References: 

CVE-2016-2183 - https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183
Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN - https://sweet32.info

Advisory History: 

2017-05-18 CAS 2.1 enables 3DES for SSL connections to Blue Coat, Malware Analysis, and Lastline.  It disables 3DES by default for the secure ICAP server.  CDP-SFDC 4.12, CDP-SNOW 4.12, CDP-COMMSVR 4.12, and CDP-INTSVR 4.12 disable 3DES by default for all SSL interfaces on newly initialized systems.
2017-03-30 MC 1.9 enables 3DES for SSL connections to Blue Coat.
2017-03-16 A fix for SSLV 3.10 is available in 3.10.2.1.
2017-03-08 ProxySG 6.7.1.1 disables 3DES and Blowfish by default for the SSH management console.  It also disables 3DES by default for the HTTPS management console, HTTPS reverse proxy, and SSL device profiles.  The algorithms are disabled only for newly initialized systems - see Workarounds section for instructions to ensure that 3DES and Blowfish are disabled after a software upgrade.
2017-03-08 MC 1.8 enables 3DES for the management CLI, SSH failover connections, and SSL connections to Blue Coat.  SSLV 4.0 enables 3DES for SSL connections to Blue Coat.  3DES cannot be disabled.
2017-01-13 A fix in SSLV 3.9 is available in 3.9.7.1.
2016-12-22 initial public release
2016-12-23 SSLV 3.11 is not vulnerable because the fixes are available in 3.11.1.1.