PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).
References
Configurations
History
25 Apr 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 May 2022, 13:59
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp
Fedoraproject fedora Netapp oncommand Unified Manager Core Package Fedoraproject |
|
CPE | cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JPV4A77EDCT4BTFO5BE26ZH72BG4E5IJ/ - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200717-0003/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/26TACCSQYYCPWAJYNAUIXJGZ5RGORJZV/ - Mailing List, Third Party Advisory | |
CWE | CWE-203 |
Information
Published : 2020-06-29 18:15
Updated : 2024-04-25 22:15
NVD link : CVE-2020-14002
Mitre link : CVE-2020-14002
CVE.ORG link : CVE-2020-14002
JSON object : View
Products Affected
netapp
- oncommand_unified_manager_core_package
fedoraproject
- fedora
putty
- putty
CWE
CWE-203
Observable Discrepancy