CVE-2017-5242 (GCVE-0-2017-5242)
Vulnerability from cvelistv5 – Published: 2023-01-12 00:00 – Updated: 2025-04-08 14:20
VLAI
Title
Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key
Summary
Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots.
Severity
7.7 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Rapid7 | Nexpose Virtual Appliance |
Affected:
2017.04.05 , < 2017.04.05*
(custom)
Affected: 2017.05.03 , ≤ 2017.05.03 (custom) |
|
| Rapid7 | InsightVM Virtual Appliance |
Affected:
2017.04.05 , < 2017.04.05*
(custom)
Affected: 2017.05.03 , ≤ 2017.05.03 (custom) |
Date Public
2017-08-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-5242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T14:18:56.959442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:20:43.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nexpose Virtual Appliance",
"vendor": "Rapid7",
"versions": [
{
"lessThan": "2017.04.05*",
"status": "affected",
"version": "2017.04.05",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.05.03",
"status": "affected",
"version": "2017.05.03",
"versionType": "custom"
}
]
},
{
"product": "InsightVM Virtual Appliance",
"vendor": "Rapid7",
"versions": [
{
"lessThan": "2017.04.05*",
"status": "affected",
"version": "2017.04.05",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.05.03",
"status": "affected",
"version": "2017.05.03",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-08-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-12T00:00:00.000Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"url": "https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2017-5242",
"datePublished": "2023-01-12T00:00:00.000Z",
"dateReserved": "2017-01-09T00:00:00.000Z",
"dateUpdated": "2025-04-08T14:20:43.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-5242",
"date": "2026-05-31",
"epss": "0.0023",
"percentile": "0.45852"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rapid7:insightvm:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2017-04-05\", \"versionEndIncluding\": \"2017-05-03\", \"matchCriteriaId\": \"1DEA2123-D427-48C4-90B1-47B996A255C2\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos virtuales Nexpose e InsightVM descargados entre el 5 de abril de 2017 y el 3 de mayo de 2017 contienen claves de host SSH id\\u00e9nticas. Normalmente, se debe generar una clave de host SSH \\u00fanica la primera vez que se inicia un dispositivo virtual.\"}]",
"id": "CVE-2017-5242",
"lastModified": "2024-11-21T03:27:21.310",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N\", \"baseScore\": 7.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 5.8}]}",
"published": "2023-01-12T22:15:09.263",
"references": "[{\"url\": \"https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/\", \"source\": \"cve@rapid7.com\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@rapid7.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"cve@rapid7.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-321\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-330\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-5242\",\"sourceIdentifier\":\"cve@rapid7.com\",\"published\":\"2023-01-12T22:15:09.263\",\"lastModified\":\"2025-04-08T15:15:45.170\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos virtuales Nexpose e InsightVM descargados entre el 5 de abril de 2017 y el 3 de mayo de 2017 contienen claves de host SSH id\u00e9nticas. Normalmente, se debe generar una clave de host SSH \u00fanica la primera vez que se inicia un dispositivo virtual.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.3,\"impactScore\":5.8},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.3,\"impactScore\":5.8}]},\"weaknesses\":[{\"source\":\"cve@rapid7.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-321\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rapid7:insightvm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2017-04-05\",\"versionEndIncluding\":\"2017-05-03\",\"matchCriteriaId\":\"1DEA2123-D427-48C4-90B1-47B996A255C2\"}]}]}],\"references\":[{\"url\":\"https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/\",\"source\":\"cve@rapid7.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T14:55:35.797Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-5242\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-08T14:18:56.959442Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-08T14:20:38.239Z\"}}], \"cna\": {\"title\": \"Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key\", \"source\": {\"discovery\": \"INTERNAL\"}, \"affected\": [{\"vendor\": \"Rapid7\", \"product\": \"Nexpose Virtual Appliance\", \"versions\": [{\"status\": \"affected\", \"version\": \"2017.04.05\", \"lessThan\": \"2017.04.05*\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2017.05.03\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2017.05.03\"}]}, {\"vendor\": \"Rapid7\", \"product\": \"InsightVM Virtual Appliance\", \"versions\": [{\"status\": \"affected\", \"version\": \"2017.04.05\", \"lessThan\": \"2017.04.05*\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2017.05.03\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2017.05.03\"}]}], \"datePublic\": \"2017-08-19T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-321\", \"description\": \"CWE-321 Use of Hard-coded Cryptographic Key\"}]}], \"providerMetadata\": {\"orgId\": \"9974b330-7714-4307-a722-5648477acda7\", \"shortName\": \"rapid7\", \"dateUpdated\": \"2023-01-12T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-5242\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-08T14:20:43.692Z\", \"dateReserved\": \"2017-01-09T00:00:00.000Z\", \"assignerOrgId\": \"9974b330-7714-4307-a722-5648477acda7\", \"datePublished\": \"2023-01-12T00:00:00.000Z\", \"assignerShortName\": \"rapid7\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…