5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.032 Low
EPSS
Percentile
90.2%
Name | ssh_enum |
---|---|
CVE | CVE-2018-15473 Exploit Pack |
VENDOR: The OpenBSD Project | |
NOTES: Module will use different techniques in order to enumerate users on target host(s) | |
As for the file containing usernames, they should be one per line | |
https://isc.sans.edu/forums/diary/OpenSSH+user+enumeration+CVE201815473/24004/ | |
http://www.openwall.com/lists/oss-security/2018/08/15/5 | |
Tested against: | |
- SSH-2.0-OpenSSH_7.2p2 |
VersionsAffected:
Repeatability: Infinite
References: https://isc.sans.edu/forums/diary/OpenSSH+user+enumeration+CVE201815473/24004/
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473
Date public: 08/15/2018
CVSS: None
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.032 Low
EPSS
Percentile
90.2%