CVE-2014-8779CVE-2014-8779

Affected configuration(s):

cpe:/a:pexip:pexip_infinity:7.0

Date published: 2015-02-03T11:59:01.187-05:00

Date last modified: 2015-02-03T22:35:18.540-05:00

CVSS Score: 7.1

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://packetstormsecurity.com/files/130174/Pexip-Infinity-Non-Unique-SSH-Host-Keys.html

Summary: Pexip Infinity before 8 uses the same SSH host keys across different customers’ installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.