VYPR
Unrated severityNVD Advisory· Published Jul 9, 2021· Updated Aug 4, 2024

CVE-2021-36367

CVE-2021-36367

Description

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • PuTTY/PuTTYdescription
  • Putty/Puttyllm-fuzzy
    Range: <=0.75

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.