In the SWEET32 attack, a remote attacker can obtain sensitive information by recovering portions of the plaintext data when encrypted with 64-bit block ciphers (such as Triple-DES).
To prevent this attack, you need to modify the cipher list in the server.xml files of Administration Console and Identity Server as follows:
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
For information about how to modify a configuration file, see Modifying Configurations
in the NetIQ Access Manager 5.0 Administration Guide.