Boomi's vulnerability to the "Birthday Attack”

Document created by sheng_liao462475 Employee on Jul 7, 2017Last modified by mike_aronson on Aug 8, 2017
Version 2Show Document
  • View in full screen mode

The Birthday Attack is a type of cryptographic attack that can be used to abuse communication between two or more parties. This vulnerability is also known as CVE-2016-6329

 

The Dell Boomi team has analyzed the atom.boomi.com vulnerability and made a configuration change on our servers.

We've removed the following ciphers that are currently determined as "weak" by SSL Labs.

3DES / DES / RC2 / IDEA

After making this change, atom.boomi.com is rated an "A" on SSL Labs.

SSL Server Test: atom.boomi.com (Powered by Qualys SSL Labs) 

 

Summary

Dell Boomi atom.boomi.com is not vulnerable to "Birthday Attack".

Attachments

    Outcomes