CVE-2012-5301

medium

Description

The default configuration of Cerberus FTP Server before 5.0.4.0 supports the DES cipher for SSH sessions, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and performing a brute-force attack on the encrypted data.

References

http://www.cerberusftp.com/products/releasenotes.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/79503

Details

Source: MITRE

Published: 2012-10-04

Updated: 2017-08-29

Type: CWE-310

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM