8.5

CVE-2009-4510

The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.15% 0.797
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.5 6.8 10
AV:N/AC:M/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/39275
Vendor Advisory
http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20%28X5%29.pdf
http://www.vsecurity.com/resources/advisory/20100409-2
Patch
Vendor Advisory