CCE-92330-0| Platform: cpe:/o:amazon:linux:2 | Date: (C)2018-10-29 (M)2023-07-04 |
The telnet client allows users to start connections to other
systems via the telnet protocol.
Parameter:
[no/yes]
Technical Mechanism:
The 'telnet' protocol is insecure and unencrypted. The use
of an unencrypted transmission medium could allow an unauthorized user
to steal credentials. The 'ssh' package provides an
encrypted session and stronger security and is included in Red Hat
Enterprise Linux.
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 4.3 | Attack Vector: ADJACENT_NETWORK |
| Exploit Score: 2.8 | Attack Complexity: LOW |
| Impact Score: 1.4 | Privileges Required: NONE |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: NONE |
| | Availability: NONE |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:48517 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:48827 |
