CVE
CVE-2020-14145
| CVE ID |
CVE-2020-14145
|
|---|---|
| CVSS Score |
5.9
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
openssh-7.4p1-23_ol008.el7
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
A flaw was found in OpenSSH in versions 5.7 through 8.3, where an observable discrepancy occurs and leads to an information leak in the algorithm negotiation. This flaw allows a man-in-the-middle attacker to target initial connection attempts, where there is no host key for the server that has been cached by the client.