Description
SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10253
Scores
CVSS v3
5.9
EPSS
0.0018
EPSS Percentile
38.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (3)
mcafee/threat_intelligence_exchange_server
1.3.0
mcafee/threat_intelligence_exchange_server
2.2.0
mcafee/threat_intelligence_exchange_server
2.0.0 - 2.0.1
Published
Oct 03, 2018
Tracked Since
Feb 18, 2026