[CentOS] OPIE w/ OpenSSH Account Enumeration The remote host is susceptible to an information disclosure attack.

Thu Jan 28 16:39:36 UTC 2021
Kaushal Shriyan <kaushalshriyan at gmail.com>

Hi,

I am running the openssh-server-7.4p1-21.el7.x86_64 on CentOS Linux release
7.9.2009 (Core).

# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
# rpm -qa |grep ssh
openssh-server-7.4p1-21.el7.x86_64
libssh2-1.8.0-4.el7.x86_64
openssh-7.4p1-21.el7.x86_64
openssh-clients-7.4p1-21.el7.x86_64

While invoking the Vulnerability Assessment and Penetration Testing (VAPT)
scan, we are encountering the below vulnerability.

> OPIE w/ OpenSSH Account Enumeration The remote host is susceptible to an
> information disclosure attack. CVE-2007-2768 A patch currently does not
> exist for this issue. As a workaround, ensure that OPIE for PAM is not
> installed.
> Version source    : SSH-2.0-OpenSSH_7.4
> Installed version : 7.4
> https://seclists.org/fulldisclosure/2007/Apr/634


Any help will be highly appreciated. Thanks in advance. Please let me know
if you need any additional information.

Best Regards,

Kaushal
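
The quoted finding's workaround is to ensure OPIE for PAM is not installed. As an added example (not part of the original post), the script below checks whether the PAM stack behind a service such as sshd loads an OPIE module, directly or through include/substack lines. It assumes the module file name contains pam_opie; opie_in_stack and make_sample are illustrative names, and the sample tree is constructed.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Assumption: the OPIE PAM module's
# file name contains "pam_opie" and the PAM configuration lives in one directory.

# opie_in_stack <pam.d dir> <service>
# Prints "file: rule" for each active pam_opie rule reachable from <service>,
# following include/substack (and Debian-style @include). Returns 0 if found, else 1.
opie_in_stack() {
    local dir="$1" queue="$2" seen=" " status=1 svc type ctl mod args rule
    while [ -n "$queue" ]; do
        svc=${queue%% *}                               # pop the next file to scan
        if [ "$svc" = "$queue" ]; then queue=""; else queue=${queue#* }; fi
        case "$seen" in *" $svc "*) continue ;; esac   # guard against include loops
        seen="$seen$svc "
        [ -r "$dir/$svc" ] || continue
        while read -r type ctl mod args || [ -n "$type" ]; do
            case "$type" in ''|'#'*) continue ;; esac  # blank line or comment
            if [ "$type" = "@include" ]; then queue="${queue:+$queue }$ctl"; continue; fi
            case "$ctl" in include|substack) queue="${queue:+$queue }$mod"; continue ;; esac
            rule="$ctl $mod${args:+ $args}"
            rule=${rule%%#*}                           # drop a trailing comment
            case "$rule" in
                *pam_opie*) printf '%s: %s %s\n' "$svc" "$type" "$rule"; status=0 ;;
            esac
        done < "$dir/$svc"
    done
    return "$status"
}

# Constructed sample tree (not taken from any real host): sshd pulls in
# password-auth, which is where the active pam_opie rule sits.
make_sample() {
    mkdir -p "$1"
    printf '%s\n' '#%PAM-1.0' \
        'auth       required     pam_sepermit.so' \
        'auth       substack     password-auth' \
        'account    required     pam_nologin.so' > "$1/sshd"
    printf '%s\n' '# auth sufficient pam_opie.so (disabled)' \
        'auth        sufficient    pam_opie.so' \
        'auth        required      pam_deny.so' > "$1/password-auth"
    printf '%s\n' 'auth  include  login' 'auth  required  pam_unix.so' > "$1/login"
}

# Real use: ./script /etc/pam.d sshd
if [ "$#" -eq 2 ]; then opie_in_stack "$1" "$2"; fi
```

No output and exit status 1 means no active rule in the scanned stack references the module.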