The affected host support the use of Cipher Block Chaining (CBC) encryption which is associated to cryptography flaws.
Risk Level:
Low
Implication:
An attacker could leverage this issue to decipher the encrypted data to obtain sensitive information.
Recommendation:
The affected host should be configured to disable the CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
Manual Verification:
nmap --script ssh2-enum-algos -p port ipaddr =>report the number of algorithms used (such as encryption, compression, etc)
No comments:
Post a Comment