Wind River Support Network

HomeDefectsLIN1021-1339
Fixed

LIN1021-1339 : Security Advisory - mc - CVE-2021-36370

Created: Aug 30, 2021    Updated: Sep 25, 2021
Resolved Date: Sep 17, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.5
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.

CREATE(Triage):(User=admin) CVE-2021-36370 (https://nvd.nist.gov/vuln/detail/CVE-2021-36370)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube