Описание
SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: the vendor indicated that they have no plans to fix this, and discourage deployment using public IPv4.
Ссылки
EPSS
Процентиль: 38%
0.00163
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-321
Связанные уязвимости
CVSS3: 9.1
github
почти 2 года назад
SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: the vendor indicated that they have no plans to fix this, and discourage deployment using public IPv4.
EPSS
Процентиль: 38%
0.00163
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-321