CVE-2020-14145 -- OpenSSH vulnerabilityDeprecated |
ID: oval:org.secpod.oval:def:69260 | Date: (C)2021-02-19 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).
Platform: |
Ubuntu 16.04 |
Ubuntu 18.04 |
Ubuntu 20.04 |
Ubuntu 20.10 |
Linux Mint 18.x |
Linux Mint 19.x |
Linux Mint 20.x |