Code injection

2010-04-1317:30:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.3%

JSON

The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.

CPENameOperatorVersion
tandberg_video_communication_servereq2.1.120
tandberg_video_communication_servereq1.0.120
tandberg_video_communication_servereq4.1.120
tandberg_video_communication_servereq3.1.120
tandberg_video_communication_servereq3.0.120
tandberg_video_communication_servereq1.1.120
tandberg_video_communication_servereq4.2.120
tandberg_video_communication_servereq<= x5.0.0
tandberg_video_communication_servereq4.2.1120
tandberg_video_communication_servereq1.2.120

Name	Operator	Version
tandberg_video_communication_server	eq	2.1.120
tandberg_video_communication_server	eq	1.0.120
tandberg_video_communication_server	eq	4.1.120
tandberg_video_communication_server	eq	3.1.120
tandberg_video_communication_server	eq	3.0.120
tandberg_video_communication_server	eq	1.1.120
tandberg_video_communication_server	eq	4.2.120
tandberg_video_communication_server	eq	<= x5.0.0
tandberg_video_communication_server	eq	4.2.1120
tandberg_video_communication_server	eq	1.2.120