CVE-2016-1335 in StarOSinfo

Summary

The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

01/03/2016

Disclosure

02/19/2016

Moderation

VulDB entry created

Entries

1: VDB-81033

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

6.9

EPSS

0.02914

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-1335
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1335
CVE Details	https://www.cvedetails.com/cve/CVE-2016-1335/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!