UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network element must not allow SSH Version 1 to be used for administrative access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-14717 NET1647 SV-15459r2_rule ECSC-1 Medium
Description
SSH Version 1 is a protocol that has never been defined in a standard. Since SSH-1 has inherent design flaws which make it vulnerable to attacks, e.g., man-in-the-middle attacks, it is now generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1.
STIG Date
Firewall Security Technical Implementation Guide - Cisco 2013-10-08

Details

Check Text ( C-12924r6_chk )
Review the configuration and verify SSH Version 1 is not being used for administrative access.
Fix Text (F-14184r3_fix)
Configure the network element to use SSH version 2.