CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-5242

Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.0%

CVSS Severity

CVSS v3 Score 7.7

References

https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/
https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/

Products affected by CVE-2017-5242

Rapid7 » Insightvm » Version: Any

cpe:2.3:a:rapid7:insightvm:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5242

Products

Pricing

Contact Us