7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.002 Low
EPSS
Percentile
60.9%
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | erlang | <Β 1:14.b.3-dfsg-1 | erlang_1:14.b.3-dfsg-1_all.deb |
Debian | 11 | all | erlang | <Β 1:14.b.3-dfsg-1 | erlang_1:14.b.3-dfsg-1_all.deb |
Debian | 10 | all | erlang | <Β 1:14.b.3-dfsg-1 | erlang_1:14.b.3-dfsg-1_all.deb |
Debian | 999 | all | erlang | <Β 1:14.b.3-dfsg-1 | erlang_1:14.b.3-dfsg-1_all.deb |
Debian | 13 | all | erlang | <Β 1:14.b.3-dfsg-1 | erlang_1:14.b.3-dfsg-1_all.deb |