PT-2024-36555 · Unknown · Mailcleaner
Published
2024-12-08
·
Updated
2024-12-12
·
CVE-2024-55560
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MailCleaner versions before 28d913e
Description
The issue concerns default values of
ssh host dsa key, ssh host rsa key, and ssh host ed25519 key that persist after installation.Recommendations
For versions before 28d913e, update to a version after 28d913e to resolve the issue. As a temporary workaround, consider regenerating the
ssh host dsa key, ssh host rsa key, and ssh host ed25519 key to minimize the risk of exploitation.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mailcleaner