Cryptography / SSH Weak Mac Algorithms Enabled
Description
SSH Weak MAC Algorithms Enabled (CWE-327) is a vulnerability in the cryptographic protocols used to protect data sent over unsecured networks. This vulnerability occurs when an SSH server or client is configured to allow weak MAC algorithms, such as HMAC-MD5 or MAC algorithms with 96-bit or less, to be used. This can allow attackers to manipulate the communication and gain access to sensitive data.
Risk
The risk associated with this vulnerability is high due to the fact that an attacker may be able to modify the communication affecting its integrity. This can lead to the theft of data, the manipulation of services, and even the disruption of an infrastructure depending on the severity of the attack.
Solution
In order to mitigate the risk of this vulnerability, weak MAC algorithms should be disabled in the configuration of the SSH server/client application. Additionally, regular security patches should be applied to the SSH server or client to ensure that the latest security features are enabled.