Network Management Card - Sweet32 vulnerability
Issue:
Is the APC Network Management Card platform affected by the Sweet32 vulnerability?
Product:
A vulnerability was published in 2016 regarding DES and Triple DES ciphers that could be used to conduct a birthday attack called "Sweet32": https://nvd.nist.gov/vuln/detail/CVE-2016-2183
For NMC2 devices, this vulnerability was addressed in AOS v6.9.6+
For NMC3 devices, this vulnerability was addressed in AOS v1.4.0.19+
Is the APC Network Management Card platform affected by the Sweet32 vulnerability?
Product:
- Network Management Card 2 (AP9630/31/35) and devices which use an embedded NMC2, including but not limited to SmartUPS online, rack PDU, rack ATS
- Network Management Card 3 (AP9640/41/43) and devices which use an embedded NMC3, including but not limited to SmartUPS online, rack PDU, rack ATS
A vulnerability was published in 2016 regarding DES and Triple DES ciphers that could be used to conduct a birthday attack called "Sweet32": https://nvd.nist.gov/vuln/detail/CVE-2016-2183
For NMC2 devices, this vulnerability was addressed in AOS v6.9.6+
For NMC3 devices, this vulnerability was addressed in AOS v1.4.0.19+
Released for: Schneider Electric Canada
