4 matches found
CVE-2017-5243
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and makes the...
CVE-2017-5243
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and makes the...
CVE-2017-5243
The CVE-2017-5243 issue affects Rapid7 Nexpose physical hardware appliances shipped before June 2017, where the default SSH configuration did not specify desired KEX, cipher, or MAC algorithms. This caused the SSH implementation to fall back to all algorithms supported by the OpenSSH version in u...
R7-2017-13 | CVE-2017-5243: Nexpose Hardware Appliance SSH Enabled Obsolete Algorithms
Summary Nexpose physical appliances shipped with an SSH configuration that allowed obsolete algorithms to be used for key exchange and other functions. Because these algorithms are enabled, attacks involving authentication to the hardware appliances are more likely to succeed. We strongly encoura...