Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for Threat Intelligence Exchange Server (TIE Server) by McAfee
CVE-2018-6695 (GCVE-0-2018-6695)
Vulnerability from nvd – Published: 2018-10-03 21:00 – Updated: 2024-08-05 06:10
VLAI?
Title
Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability
Summary
SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment.
Severity ?
6.1 (Medium)
CWE
- SSH host keys generation vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee | Threat Intelligence Exchange Server (TIE Server) |
Affected:
1.3.0
Affected: 2.0.0 , < 2.0.0* (custom) Unaffected: 2.3.0 , < 2.3.0* (custom) |
Date Public ?
2018-10-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:11.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86"
],
"product": "Threat Intelligence Exchange Server (TIE Server)",
"vendor": "McAfee",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"lessThan": "2.0.0*",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.3.0*",
"status": "unaffected",
"version": "2.3.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-10-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SSH host keys generation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253"
}
],
"source": {
"advisory": "SB10253",
"discovery": "UNKNOWN"
},
"title": "Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2018-6695",
"STATE": "PUBLIC",
"TITLE": "Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Threat Intelligence Exchange Server (TIE Server)",
"version": {
"version_data": [
{
"affected": "=",
"platform": "x86",
"version_affected": "=",
"version_name": "1.3.0",
"version_value": "1.3.0"
},
{
"affected": "\u003e=",
"platform": "x86",
"version_affected": "\u003e=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"affected": "!\u003e=",
"platform": "x86",
"version_affected": "!\u003e=",
"version_name": "2.3.0",
"version_value": "2.3.0"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SSH host keys generation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253"
}
]
},
"source": {
"advisory": "SB10253",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6695",
"datePublished": "2018-10-03T21:00:00.000Z",
"dateReserved": "2018-02-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:10:11.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6695 (GCVE-0-2018-6695)
Vulnerability from cvelistv5 – Published: 2018-10-03 21:00 – Updated: 2024-08-05 06:10
VLAI?
Title
Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability
Summary
SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment.
Severity ?
6.1 (Medium)
CWE
- SSH host keys generation vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee | Threat Intelligence Exchange Server (TIE Server) |
Affected:
1.3.0
Affected: 2.0.0 , < 2.0.0* (custom) Unaffected: 2.3.0 , < 2.3.0* (custom) |
Date Public ?
2018-10-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:11.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86"
],
"product": "Threat Intelligence Exchange Server (TIE Server)",
"vendor": "McAfee",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"lessThan": "2.0.0*",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "2.3.0*",
"status": "unaffected",
"version": "2.3.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-10-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SSH host keys generation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253"
}
],
"source": {
"advisory": "SB10253",
"discovery": "UNKNOWN"
},
"title": "Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2018-6695",
"STATE": "PUBLIC",
"TITLE": "Threat Intelligence Exchange Server (TIE Server) SSH host keys generation vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Threat Intelligence Exchange Server (TIE Server)",
"version": {
"version_data": [
{
"affected": "=",
"platform": "x86",
"version_affected": "=",
"version_name": "1.3.0",
"version_value": "1.3.0"
},
{
"affected": "\u003e=",
"platform": "x86",
"version_affected": "\u003e=",
"version_name": "2.0.0",
"version_value": "2.0.0"
},
{
"affected": "!\u003e=",
"platform": "x86",
"version_affected": "!\u003e=",
"version_name": "2.3.0",
"version_value": "2.3.0"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SSH host keys generation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10253"
}
]
},
"source": {
"advisory": "SB10253",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6695",
"datePublished": "2018-10-03T21:00:00.000Z",
"dateReserved": "2018-02-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:10:11.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}