CVE Catalog
CVE-1999-1010
LowExploitation Probability (EPSS)
Elevated risk1.42%
69th percentile — higher than 69% of all known CVEs
Summary
SSH server version 1.2.27 allows a client to use the 'none' cipher, even if it is not permitted by the server policy.
Risk Assessment
This may lead to unauthorized access to data, as the lack of encryption exposes communication to eavesdropping.
Recommendation
It is recommended to upgrade the SSH server to a newer version that does not allow the use of the 'none' cipher.
Original NVD description (English source)
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.

