Insecure service configuration - SSH
Description
The SSH service is not filtered by the Firewall to avoid external attacks and possible intrusions through this service.
Impact
Attempt to access the server through brute force attacks or 0-day exploits.
Recommendation
Securely configure the vulnerable service so that it can only be accessed by authorized users.
Threat
External attacker without credentials.
Expected Remediation Time
⏱️ 60 minutes.
Requirements
266 - Disable insecure functionalitiesFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
N
Attack complexity
L
Attack requirements
N
Privileges required
N
User interaction
N
Confidentiality (VC)
L
Integrity (VI)
N
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
X
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N