Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:44 a.m.13 views

CVE-2024-21653

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not expose...

9.8CVSS6.9AI score0.00466EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/01/30 8:56 p.m.4 views

vantage6-algorithm-store (>=4.10.0 <=4.15.1rc1), vantage6-node (>=0.0.0 <=4.15.1rc1) +1 more potentially affected by CVE-2024-21653 via vantage6 (>=0.0.0 <=4.1.3)

vantage6 PYPI version =0.0.0, =4.10.0, =0.0.0, =0.0.0, =4.15.1rc1 Source cves: CVE-2024-21653 Source advisory: OSV:GHSA-2WGC-48G2-CJ5W...

9.8CVSS7.7AI score0.00466EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/30 3:39 p.m.18 views

CVE-2024-21653 vantage6 insecure SSH configuration for node and server containers

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not expose...

6.5CVSS6.9AI score0.00466EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/30 3:39 p.m.60 views

CVE-2024-21653 vantage6 insecure SSH configuration for node and server containers

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not expose...

6.5CVSS9.7AI score0.00466EPSS
Exploits0References2
CVE
CVE
added 2024/01/30 3:39 p.m.51 views

CVE-2024-21653

The CVE-2024-21653 entry concerns the vantage6 architecture where node/server containers expose SSH with root login and password authentication by default. The root-cause is an insecure default SSH configuration rather than a flaw in core logic, and the described mitigation is to remove the SSH p...

9.8CVSS9.3AI score0.00466EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder