Information leak vulnerability in OpenSSH - CVE-2020-14145Deprecated |
ID: oval:org.secpod.oval:def:69255 | Date: (C)2021-02-19 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
A flaw was found in OpenSSH in versions 5.7 through 8.3, where an Observable Discrepancy occurs and leads to an information leak in the algorithm negotiation. This flaw allows a man-in-the-middle attacker to target initial connection attempts, where there is no host key for the server that has been cached by the client.
Platform: |
Red Hat Enterprise Linux 7 |
CentOS 7 |
Oracle Linux 7 |