VYPR

CWE-322

Key Exchange without Entity Authentication

BaseDraftLikelihood: High

Description

The product performs a key exchange with an actor without verifying the identity of that actor.

Performing a key exchange will preserve the integrity of the information sent between two entities, but this will not guarantee that the entities are who they claim they are. This may enable an attacker to impersonate an actor by modifying traffic between the two entities. Typically, this involves a victim client that contacts a malicious server that is impersonating a trusted server. If the client skips authentication or ignores an authentication failure, the malicious server may request authentication information from the user. The malicious server can then use this authentication information to log in to the trusted server using the victim's credentials, sniff traffic between the victim and trusted server, etc.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (12)

  • CVE-2025-13914HigApr 9, 2026
    risk 0.57cvss 8.7epss 0.00

    A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attacker to impersonate managed devices. Due to insufficient SSH host key validation an attacker can perform a machine-in-the-middle…

  • CVE-2026-45361HigMay 25, 2026
    risk 0.46cvss 8.1epss 0.01

    Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to…

  • CVE-2026-44467MedMay 13, 2026
    risk 0.44cvss 6.8epss 0.00

    The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. From 1.2581.0 to before 1.4304.0, Claude Desktop's SSH remote development feature verified only whether a hostname existed in ~/.ssh/known_hosts without…

  • CVE-2024-4871MedMay 14, 2024
    risk 0.44cvss 6.8epss 0.01

    A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack…

  • CVE-2026-1354MedApr 21, 2026
    risk 0.42cvss 6.4epss 0.00

    Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The…

  • CVE-2026-33697HigMar 27, 2026
    risk 0.42cvss 7.5epss 0.00

    Cocos AI is a confidential computing system for AI. The current implementation of attested TLS (aTLS) in CoCoS is vulnerable to a relay attack affecting all versions from v0.4.0 through v0.8.2. This vulnerability is present in both the AMD SEV-SNP and Intel TDX deployment…

  • CVE-2022-39254Sep 29, 2022
    risk 0.00cvss epss 0.01

    matrix-nio is a Python Matrix client library, designed according to sans I/O principles. Prior to version 0.20, when a users requests a room key from their devices, the software correctly remember the request. Once they receive a forwarded room key, they accept it without…

  • CVE-2022-39250Sep 29, 2022
    risk 0.00cvss epss 0.01

    Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver could interfere with the verification flow between two users, injecting its own cross-signing user…

  • CVE-2022-39248Sep 28, 2022
    risk 0.00cvss epss 0.01

    matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a…

  • CVE-2022-39246Sep 28, 2022
    risk 0.00cvss epss 0.01

    matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be…

  • CVE-2022-39251Sep 28, 2022
    risk 0.00cvss epss 0.01

    Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield.…

  • CVE-2022-36881Jul 27, 2022
    risk 0.00cvss epss 0.01

    Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.