Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-14717 | NET1647 | SV-15459r4_rule | Medium |
Description |
---|
SSH Version 1 is a protocol that has never been defined in a standard. Since SSH-1 has inherent design flaws which make it vulnerable to attacks, e.g., man-in-the-middle attacks, it is now generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1. |
STIG | Date |
---|---|
Perimeter L3 Switch Security Technical Implementation Guide | 2016-12-22 |
Check Text ( C-12924r8_chk ) |
---|
Review the configuration and verify SSH Version 1 is not being used for administrative access. If the device is using an SSHv1 session, this is a finding. |
Fix Text (F-14184r5_fix) |
---|
Configure the network device to use SSH version 2. |