CVE-2009-4510
published 2010-04-13CVE-2009-4510: The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct…
PriorityP338high8.5CVSS 2.0
AVNACMAuSCCICAC
EPSS
2.15%
79.8th percentile
The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vsecurity | tandberg_video_communication_server | <= x5.0.0 | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
| vsecurity | tandberg_video_communication_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20%28X5%29.pdfhttp://secunia.com/advisories/39275http://www.vsecurity.com/resources/advisory/20100409-2http://ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20%28X5%29.pdfhttp://secunia.com/advisories/39275http://www.vsecurity.com/resources/advisory/20100409-2
2010-04-13
Published