CVE Catalog

CVE-1999-1010

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.42%

69th percentile — higher than 69% of all known CVEs

Summary

SSH server version 1.2.27 allows a client to use the 'none' cipher, even if it is not permitted by the server policy.

Risk Assessment

This may lead to unauthorized access to data, as the lack of encryption exposes communication to eavesdropping.

Recommendation

It is recommended to upgrade the SSH server to a newer version that does not allow the use of the 'none' cipher.

Original NVD description (English source)

An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS