Lucene search
Redhat.comRH:CVE-2017-3204HistoryApr 06, 2017 - 1:18 p.m.
CVE-2017-3204
2017-04-0613:18:03
redhat.com
access.redhat.com
14
EPSS
0.002
Percentile
61.9%
The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism.
Related
osv
osv
CVE-2017-3204
2017-04-04 14:59:00
Man-in-the-middle attack in golang.org/x/crypto/ssh
2021-04-14 20:04:52
golang.org/x/crypto/ssh Man-in-the-Middle attack
2023-02-07 22:39:34
prion
prion
Default credentials
2017-04-04 14:59:00
cvelist
cvelist
CVE-2017-3204
2017-04-04 14:00:00
gitlab
gitlab
Go SSH library vulnerable to Man-in-the-Middle attacks
2023-02-07 00:00:00
Go SSH library vulnerable to Man-in-the-Middle attacks
2023-02-07 00:00:00
veracode
veracode
Man-in-the-middle (MitM)
2017-05-03 07:13:41
nvd
nvd
CVE-2017-3204
2017-04-04 14:59:00
ubuntucve
ubuntucve
CVE-2017-3204
2017-04-04 00:00:00
debiancve
debiancve
CVE-2017-3204
2017-04-04 14:59:00
github
github
golang.org/x/crypto/ssh Man-in-the-Middle attack
2023-02-07 22:39:34
cve
cve
CVE-2017-3204
2017-04-04 14:59:00
