Lucene search
CertccCVELIST:CVE-2017-3204HistoryApr 04, 2017 - 2:00 p.m.
CVE-2017-3204
2017-04-0414:00:00
CWE-310
certcc
www.cve.org
4
The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism.
CNA Affected
[
{
"product": "SSH library",
"vendor": "Go",
"versions": [
{
"status": "affected",
"version": "prior to commit e4e2799"
}
]
}
]Related
osv
osv
CVE-2017-3204
2017-04-04 14:59:00
Man-in-the-middle attack in golang.org/x/crypto/ssh
2021-04-14 20:04:52
golang.org/x/crypto/ssh Man-in-the-Middle attack
2023-02-07 22:39:34
prion
prion
Default credentials
2017-04-04 14:59:00
ubuntucve
ubuntucve
CVE-2017-3204
2017-04-04 00:00:00
debiancve
debiancve
CVE-2017-3204
2017-04-04 14:59:00
gitlab
gitlab
Go SSH library vulnerable to Man-in-the-Middle attacks
2023-02-07 00:00:00
Go SSH library vulnerable to Man-in-the-Middle attacks
2023-02-07 00:00:00
veracode
veracode
Man-in-the-middle (MitM)
2017-05-03 07:13:41
nvd
nvd
CVE-2017-3204
2017-04-04 14:59:00
redhatcve
redhatcve
CVE-2017-3204
2017-04-06 13:18:03
cve
cve
CVE-2017-3204
2017-04-04 14:59:00
github
github
golang.org/x/crypto/ssh Man-in-the-Middle attack
2023-02-07 22:39:34
