SuperMicro Device Uses Default SSH Host Key

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote device is using the default SSH host key for this service,
whose private key is public knowledge.

Description :

The SSH host key used by the remote host has not been changed from the
default host key that is hardwired into the firmware. The private key
corresponding to this host key is shared across all devices running the
same firmware, meaning that the remote host's key certificate cannot be
trusted.

See also :

http://www.nessus.org/u?99a8b71e

Solution :

Configure the device to use a device-specific host key.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)

Family: General

Nessus Plugin ID: 71533 ()

Bugtraq ID:

CVE ID: