CVE-2016-1335
19.02.2016, 19:59
The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492.Enginsight
Vendor | Product | Version |
---|---|---|
cisco | asr_5000_series_software | 16.5.2 |
cisco | asr_5000_series_software | 17.7.0 |
cisco | asr_5000_series_software | 18.4.0 |
cisco | asr_5000_series_software | 19.0.1 |
cisco | asr_5000_series_software | 19.3.0 |
cisco | asr_5000_series_software | 20.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration