Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key
CVE-2017-5242
What is CVE-2017-5242?
The Nexpose and InsightVM virtual appliances, when downloaded within a specific timeframe in 2017, are affected by a significant security issue: every appliance image from that period ships with identical SSH host keys. This is contrary to standard practice, where each virtual appliance should generate a unique SSH host key on its first boot. Duplicate SSH host keys expose the appliances to risks such as man-in-the-middle attacks, because anyone holding the shared private key can impersonate an affected appliance to an SSH client that trusts that key. Users of the affected products should promptly regenerate the host keys so that each appliance has its own unique keys.
Affected Version(s)
InsightVM Virtual Appliance 2017.04.05 < 2017.04.05*
InsightVM Virtual Appliance 2017.05.03
Nexpose Virtual Appliance 2017.04.05 < 2017.04.05*
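The following is an added example, not Rapid7's own tooling, showing how an administrator can detect the condition described above: it takes a constructed list of appliance hostnames and SSH host key fingerprints (as printed by `ssh-keygen -lf` on each appliance) and reports any fingerprint shared by more than one appliance. The hostnames and fingerprints are placeholders; the regeneration steps in the comments assume a Debian/Ubuntu-style OpenSSH installation.

```shell
#!/bin/sh
# Detect appliances that share an SSH host key. Input is one line per appliance:
#   <hostname> <fingerprint>
# where the fingerprint comes from running, on each appliance:
#   ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub | awk '{print $2}'
# The sample data below is constructed; the fingerprints are placeholders.
SAMPLE_SCAN='appliance-a SHA256:PLACEHOLDER_FP_1
appliance-b SHA256:PLACEHOLDER_FP_1
appliance-c SHA256:PLACEHOLDER_FP_2'

# Print every fingerprint that appears more than once, followed by the hosts
# sharing it, one fingerprint per line.
find_duplicate_hostkeys() {
    printf '%s\n' "$1" | awk '
        { hosts[$2] = (hosts[$2] == "" ? $1 : hosts[$2] " " $1); count[$2]++ }
        END { for (fp in count) if (count[fp] > 1) print fp, hosts[fp] }
    ' | sort
}

# Number of fingerprints shared by more than one appliance (0 means clean).
count_duplicate_hostkeys() {
    find_duplicate_hostkeys "$1" | grep -c .
}

# Remediation on an affected appliance (run as root on the appliance itself;
# shown as comments, not executed by this script). This assumes a
# Debian/Ubuntu-style OpenSSH layout and service name:
#   rm -f /etc/ssh/ssh_host_*
#   ssh-keygen -A            # regenerate a fresh key of every supported type
#   systemctl restart ssh
# Afterwards, remove the old key from known_hosts on clients that trusted it,
# so the new fingerprint is verified out of band rather than silently accepted.

if [ "${1:-}" = "--demo" ]; then
    find_duplicate_hostkeys "$SAMPLE_SCAN"
fi
```

Feed the script real `hostname fingerprint` pairs collected from your appliance fleet; any line it prints identifies appliances that must have their host keys regenerated.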