VYPR
Unrated severityNVD Advisory· Published Jan 12, 2023· Updated Apr 8, 2025

Rapid7 Nexpose Virtual Appliance Duplicate SSH Host Key

CVE-2017-5242

Description

Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. Normally, a unique SSH host key should be generated the first time a virtual appliance boots.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Rapid7/Nexposellm-fuzzy
    Range: April 5 – May 3 2017 build range implied
  • Rapid7/InsightVMllm-fuzzy
    Range: April 5 – May 3 2017 build range implied
  • Rapid7/InsightVM Virtual Appliancev5
    Range: 2017.04.05
  • Rapid7/Nexpose Virtual Appliancev5
    Range: 2017.04.05

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.