CVE-2017-5242 Information

Description

Nexpose and InsightVM virtual appliances downloaded between April 5th 2017 and May 3rd 2017 contain identical SSH host keys. Normally a unique SSH host key should be generated the first time a virtual appliance boots.

Reference

https://www.rapid7.com/blog/post/2017/05/17/rapid7-nexpose-virtual-appliance-duplicate-ssh-host-key-cve-2017-5242/