CVE-1999-1029
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-1999-1029 is a vulnerability affecting SSH servers prior to version 2.0.12. The issue lies in the way these servers handle login attempts. If a connection is closed before reaching the maximum number of tries, the failed attempt will not be recorded in the audit logs. This allows an attacker to attempt multiple password guesses undetected, increasing the likelihood of a successful brute-force attack. To mitigate this risk, it is recommended that affected SSH servers be updated to the latest version or that additional security measures be implemented to monitor and log all login attempts.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.