Cryptography / SSH Weak MAC Algorithms Enabled
Description
SSH Weak MAC Algorithms Enabled (CWE-327, Use of a Broken or Risky Cryptographic Algorithm) is a configuration weakness in the SSH transport layer. SSH computes a message authentication code (MAC) over every packet so that the receiver can detect tampering; the MAC algorithm is negotiated from the lists that client and server each offer. The weakness occurs when an SSH server or client is configured to offer MAC algorithms built on deprecated hash functions or truncated tags, such as hmac-md5, hmac-md5-96 or other 96-bit variants. The MAC protects the integrity of the whole session, not just authentication: an attacker positioned between the endpoints who could forge a MAC would be able to modify or inject packets without detection, compromising the integrity of the protected data and, through injected commands or altered responses, potentially its confidentiality and availability.
Risk
The practical risk is usually rated low to medium rather than critical: there is no public attack that forges HMAC-MD5 or 96-bit tags in real time, and the MAC is only one of several layers (key exchange, encryption, host authentication) that an attacker must defeat to read or alter traffic. The finding still matters because these algorithms offer little safety margin, are flagged by most compliance baselines and vulnerability scanners, and because an attacker who could forge a MAC would be able to tamper with or inject packets in a session, leading to modified data, manipulated services, or disruption of the affected infrastructure. Treat it as a hardening item that should be fixed, with higher priority where the server is internet-exposed or used for privileged administration.
Solution
In order to mitigate this weakness, configure the SSH server (and, where possible, clients) to offer only MAC algorithms based on SHA-2 or UMAC-128, preferably in encrypt-then-MAC (ETM) mode, such as hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com and umac-128-etm@openssh.com, and remove every MD5-based and 96-bit truncated algorithm from the MACs directive. Keep the SSH server and client patched so that current algorithm defaults and security fixes are in place. After changing the configuration, restart the service and verify the effective list rather than trusting the file: on OpenSSH, sshd -T prints the resolved server configuration (including Match blocks and Include files) and ssh -Q mac lists the MAC algorithms the installed binary supports at all.
Example
The following sshd_config directive is an example of weak MAC algorithms being enabled on an OpenSSH server:
# Allow weak MAC algorithms
MACs hmac-md5,hmac-md5-96
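As an added example that is not part of the original page, the following POSIX shell script puts the weak directive above beside a hardened replacement and audits an sshd_config file for weak MAC algorithms. The weak-algorithm policy it enforces (MD5-based, SHA-1-based, 96-bit truncated and umac-64 MACs) and the two sample configuration files are assumptions constructed for the example, not captured from a real host.

```shell
#!/bin/sh
# Added example, not part of the original page: audit the MACs directive of an
# OpenSSH sshd_config for weak algorithms and show a hardened replacement.
# Assumed policy (not taken from the page): MD5-based, SHA-1-based, 96-bit
# truncated (-96) and umac-64 MACs are treated as weak.

# Print the weak entries of a comma-separated MAC list as one comma-separated
# line; empty output means no entry matched the weak policy.
weak_macs() {
    printf '%s\n' "$1" | tr ',' '\n' \
        | grep -iE 'md5|sha1|-96($|@)|umac-64' \
        | tr '\n' ',' | sed 's/,$//'
}

# Print the value of the effective MACs directive in a config file.
# OpenSSH uses the first value it obtains for a keyword, so the first
# uncommented MACs line wins; the keyword itself is case-insensitive.
# Match blocks and Include files are not resolved here: run `sshd -T`
# on the host for the fully resolved configuration.
config_macs() {
    awk 'tolower($1) == "macs" { print $2; exit }' "$1"
}

# Report on one file: returns 0 if no weak MAC is offered, 1 if one is,
# 2 if the file sets no MACs directive (the OpenSSH defaults apply, and
# older releases included weak MACs in those defaults, so check the host).
audit_macs_file() {
    macs=$(config_macs "$1")
    if [ -z "$macs" ]; then
        echo "$1: no MACs directive; verify defaults with: sshd -T | grep '^macs'"
        return 2
    fi
    weak=$(weak_macs "$macs")
    if [ -n "$weak" ]; then
        echo "$1: WEAK MACs offered: $weak"
        return 1
    fi
    echo "$1: OK: $macs"
    return 0
}

# Constructed sample configurations (not captured from a real host).
WEAK_CFG=$(mktemp)
HARD_CFG=$(mktemp)
trap 'rm -f "$WEAK_CFG" "$HARD_CFG"' EXIT
cat > "$WEAK_CFG" <<'EOF'
# Allow weak MAC algorithms
MACs hmac-md5,hmac-md5-96,hmac-sha2-256
EOF
cat > "$HARD_CFG" <<'EOF'
# SHA-2 and UMAC-128 only, encrypt-then-MAC variants first
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
EOF

# Audit both samples; the weak one reports its offending entries.
for f in "$WEAK_CFG" "$HARD_CFG"; do
    audit_macs_file "$f" || true
done
```

The check is deliberately file-level so it can run on a copied configuration during a review; on the host itself, pipe the output of sshd -T through the same weak_macs function to cover algorithms inherited from defaults, Include files and Match blocks.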