CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1335

The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.1

References

Products affected by CVE-2016-1335

Cisco » Asr 5000 Series Software » Version: 16.5.2

cpe:2.3:a:cisco:asr_5000_series_software:16.5.2
Cisco » Asr 5000 Series Software » Version: 17.7.0

cpe:2.3:a:cisco:asr_5000_series_software:17.7.0
Cisco » Asr 5000 Series Software » Version: 18.4.0

cpe:2.3:a:cisco:asr_5000_series_software:18.4.0
Cisco » Asr 5000 Series Software » Version: 19.0.1

cpe:2.3:a:cisco:asr_5000_series_software:19.0.1
Cisco » Asr 5000 Series Software » Version: 19.3.0

cpe:2.3:a:cisco:asr_5000_series_software:19.3.0
Cisco » Asr 5000 Series Software » Version: 20.0.0

cpe:2.3:a:cisco:asr_5000_series_software:20.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1335

Products

Pricing

Contact Us