CVE-2018-6695

3 documents3 sources

Severity

5.9MEDIUM

EPSS

0.2%

top 59.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Threat Intelligence Exchange Server (tie Server)Mcafee Threat Intelligence Exchange Server

Timeline

PublishedOct 3

Latest updateMay 13

Description

SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5mcafee/threat_intelligence_exchange_server_(tie_server)2.0.0 — 2.0.0*+1

▶NVDmcafee/threat_intelligence_exchange_server2.0.0 — 2.0.1+3

🔴Vulnerability Details

GHSA

GHSA-jqmm-xqv9-f367: SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1↗2022-05-13

▶

CVEList

Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability↗2018-10-03

▶