7.5

CVE-2001-1473

EPSS 4.88%
Published 18.01.2001 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Ssh ≫ Ssh Version1.2.24

Ssh ≫ Ssh Version1.2.25

Ssh ≫ Ssh Version1.2.26

Ssh ≫ Ssh Version1.2.27

Ssh ≫ Ssh Version1.2.28

Ssh ≫ Ssh Version1.2.29

Ssh ≫ Ssh Version1.2.30

Ssh ≫ Ssh Version1.2.31

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.88%	0.891

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.kb.cert.org/vuls/id/684820

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/6603

https://nvd.nist.gov/vuln/detail/CVE-2001-1473

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-1473

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-1473

EUVD