PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).
References
Configurations
History
25 Apr 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-06-29 18:15
Updated : 2024-04-25 22:15
NVD link : CVE-2020-14002
Mitre link : CVE-2020-14002
CVE.ORG link : CVE-2020-14002
JSON object : View
Products Affected
netapp
- oncommand_unified_manager_core_package
putty
- putty
fedoraproject
- fedora
CWE
CWE-203
Observable Discrepancy