176 – Insecure service configuration - SSH
Description
The SSH service is not filtered by the Firewall to avoid external attacks and possible intrusions through this service.
Impact
Attempt to access the server through brute force attacks or 0-day exploits.
Recommendation
Securely configure the vulnerable service so that it can only be accessed by authorized users.
Threat
External attacker without credentials.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: N
- Attack complexity: L
- Attack Requirements: N
- Privileges required: N
- User interaction: N
- Confidentiality (VC): L
- Integrity (VI): N
- Availability (VA): N
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: X