Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-14717 | NET1647 | SV-15459r4_rule | ECSC-1 | Medium |
Description |
---|
SSH Version 1 is a protocol that has never been defined in a standard. Since SSH-1 has inherent design flaws which make it vulnerable to attacks, e.g., man-in-the-middle attacks, it is now generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1. |
STIG | Date |
---|---|
WLAN Bridge Security Technical Implementation Guide (STIG) | 2016-01-07 |
Check Text ( C-12924r8_chk ) |
---|
Review the configuration and verify SSH Version 1 is not being used for administrative access. If the device is using an SSHv1 session, this is a finding. |
Fix Text (F-14184r5_fix) |
---|
Configure the network device to use SSH version 2. |