Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...

EUVD-2021-16268

Malware in sbrugna...

Insecure SSH Configuration

vantage6 is vulnerable to Insecure SSH Configuration. The vulnerability is due to the default configuration on nodes and servers, allowing root login with password authentication. This configuration is overly permissive...

GHSA-2WGC-48G2-CJ5W vantage6 has insecure SSH configuration for node and server containers

Impact Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. We will probably opt to...

CVE-2018-0044

An insecure SSHD configuration in Juniper Device Manager JDM and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. The affected SSHD configuration has the PermitEmptyPasswords option set to "yes". Affected releases are...