7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
44.4%
According to its self-reported version, Cisco IOS Software and Cisco IOS XE Software is affected by denial of service vulnerability. An authenticated, remote attacker can exploit this, by continuously connecting to an affected device and sending specific SSH requests to cause an affected device to reload.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#TRUSTED 19b1d59895fc0e31d3f17684db50145b646622376ce91a8288fa66b427251a7a085c1703600894cd3978b2ffa1521ac941f2840dc29d855bd9f6aa419b13e53bb10c168da300e1cfb96dddb40cb3465fe9d16ddca04ad7c84d41c1686078a2a8481ea1b5af6efd067f498deb022e41913f90bbba8f359c0d565c3342a3cf2e9a7ee37ac9ed9e83e183b6669e3ae7a1e02d43a655325fd95b2c642f8ffe9c4f963e29cdf5a974b8868fdb4fa80618be5e10d7e6dc4b7ea920ccf0c4d64023ec61259a7252d5878992e15db49684abddc0a70850c7b5aeae593f582da14b0b2efc6420a73be4b9eeb9a9c07ed99ba1ef4058743b704f7b9c8abdb1e1d359fb201e7618e5635349f9b79eda68c6dfd2336d782666dbe2a86e268e8a39a163d586a5fb659791cc9db8741312d06e42d7e5d258a3ba8728bbd20cef6f0f16a5a076a13bc3398558e9f58016721dd093d1e0fa278559b1f25d1d5abbe6e65e3275c0a1a21d0a9b578c04a62268ceba662ec109393d86216771cb48b5241d912dd7098f509d9af043847f6756a15fa72fbd5156a434c153404bb32fb6fa47416b94419f19c1bcb4aab6c63cee6c71f2d53f3c699014f988be84c0ac7437d63bba36c276e5e3849098fca6a92e57daa0ccef15c081e9499d2fc21f7accee0eb552e3799711211612ab7b835aace63690cf3a5d8b660e87dcf89d6b95f63dd9ce766195a1
#TRUST-RSA-SHA256 5f34146534c4b82e043c3d1fd88b5b8692dd5958503bf71c21d7cddc8382146787583d10155c6162032307500caba5492c1ce2fcc7bfc9d7222aba95b733a700e9901ec606f86857366d83f316e728fcf26ef0ef42c22b95d7e31bacbb228f3dd4ceb57dab08006464ea62acf9fcf54a56a6425f2f5aa2d0b0631bf42ef93b4dd55f9a9450be35e1f85d1b828010493854f8ade83f8c6f62add049d4e9f8e7103325e6935798f71dd683e9e6927ba4fa2bb280003a4b7fd12d1c2569d012af7211932056bca939b269d3f0089e45a8d15385ee84d0437d1b278b274dc58ca4bb9467ba6726c2f1eb83a6371b9d5ebd891da32d3366304c48bd1cac211b1c3e6da2a866e42444a211a404e8e9a376f75cae90fddb51e3bbd12b076dd388772b0c2b32fdc6d5c093a2c8b85f9a88a750542f459965d6f26faf0b11f674a4ef155a15198777a44f52118af06e256e3eb1bf855534d3c4229612a190118d26be1bc2583c4234d2e833a1d1803f957a473abb6dd7b3821a67d9aa6dd3b4aac9fb6db15e309c781a16146d649aeac8eecae3875a6e941b3616d1dd80caa8278b4f7fa83a03a80e4b9a7329d51135139a3cfa7daa3cc47ace6c2cb154afb2c56b0a95c918c8e72c0daedcd15e9af3e2b1dc53c0a4e90535f8975523978cc50ccd3b88d4ab40a71391586c3c658918017145030802063fea705351939c830997a2c26960
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(165676);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/23");
script_cve_id("CVE-2022-20920");
script_xref(name:"CISCO-BUG-ID", value:"CSCvx63027");
script_xref(name:"CISCO-SA", value:"cisco-sa-ssh-excpt-dos-FzOBQTnk");
script_name(english:"Cisco IOS Software SSH DoS (cisco-sa-ssh-excpt-dos-FzOBQTnk)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco IOS Software and Cisco IOS XE Software is affected by denial of service
vulnerability. An authenticated, remote attacker can exploit this, by continuously connecting to an affected device and
sending specific SSH requests to cause an affected device to reload.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssh-excpt-dos-FzOBQTnk
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8ebb8198");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74745");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx63027");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvx63027");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-20920");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/09/28");
script_set_attribute(attribute:"patch_publication_date", value:"2022/09/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/05");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include('cisco_workarounds.inc');
include('ccf.inc');
var product_info = cisco::get_product_info(name:'Cisco IOS');
var version_list=make_list(
'12.2(6)I1',
'12.2(58)EX',
'12.2(58)EY',
'12.2(58)EY1',
'12.2(58)EY2',
'12.2(58)EZ',
'12.2(58)SE',
'12.2(58)SE1',
'12.2(58)SE2',
'12.2(60)EZ',
'12.2(60)EZ1',
'12.2(60)EZ2',
'12.2(60)EZ3',
'12.2(60)EZ4',
'12.2(60)EZ5',
'12.2(60)EZ6',
'12.2(60)EZ7',
'12.2(60)EZ8',
'12.2(60)EZ9',
'12.2(60)EZ10',
'12.2(60)EZ11',
'12.2(60)EZ12',
'12.2(60)EZ13',
'12.2(60)EZ14',
'12.4(22)MD',
'12.4(22)MD1',
'12.4(22)MD2',
'12.4(22)MDA',
'12.4(22)MDA1',
'12.4(22)MDA2',
'12.4(22)MDA3',
'12.4(22)MDA4',
'12.4(22)MDA5',
'12.4(22)MDA6',
'12.4(22)T',
'12.4(22)T1',
'12.4(22)T2',
'12.4(22)T3',
'12.4(22)T4',
'12.4(22)T5',
'12.4(22)XR1',
'12.4(22)XR2',
'12.4(22)XR3',
'12.4(22)XR4',
'12.4(22)XR5',
'12.4(22)XR6',
'12.4(22)XR7',
'12.4(22)XR8',
'12.4(22)XR9',
'12.4(22)XR10',
'12.4(22)XR11',
'12.4(22)XR12',
'12.4(24)MD',
'12.4(24)MD1',
'12.4(24)MD2',
'12.4(24)MD3',
'12.4(24)MD4',
'12.4(24)MD5',
'12.4(24)MD6',
'12.4(24)MD7',
'12.4(24)MDA',
'12.4(24)MDA1',
'12.4(24)MDA2',
'12.4(24)MDA3',
'12.4(24)MDA4',
'12.4(24)MDA5',
'12.4(24)MDA6',
'12.4(24)MDA7',
'12.4(24)MDA8',
'12.4(24)MDA9',
'12.4(24)MDA10',
'12.4(24)MDA11',
'12.4(24)MDA12',
'12.4(24)MDA13',
'12.4(24)MDB',
'12.4(24)MDB1',
'12.4(24)MDB3',
'12.4(24)MDB4',
'12.4(24)MDB5',
'12.4(24)MDB5a',
'12.4(24)MDB6',
'12.4(24)MDB7',
'12.4(24)MDB8',
'12.4(24)MDB9',
'12.4(24)MDB10',
'12.4(24)MDB11',
'12.4(24)MDB12',
'12.4(24)MDB13',
'12.4(24)MDB14',
'12.4(24)MDB15',
'12.4(24)MDB16',
'12.4(24)MDB17',
'12.4(24)MDB18',
'12.4(24)MDB19',
'12.4(24)T',
'12.4(24)T1',
'12.4(24)T2',
'12.4(24)T3',
'12.4(24)T3e',
'12.4(24)T3f',
'12.4(24)T4',
'12.4(24)T4a',
'12.4(24)T4b',
'12.4(24)T4c',
'12.4(24)T4d',
'12.4(24)T4e',
'12.4(24)T4f',
'12.4(24)T4g',
'12.4(24)T4h',
'12.4(24)T4i',
'12.4(24)T4j',
'12.4(24)T4k',
'12.4(24)T4l',
'12.4(24)T4m',
'12.4(24)T4n',
'12.4(24)T4o',
'12.4(24)T5',
'12.4(24)T6',
'12.4(24)T7',
'12.4(24)T8',
'12.4(24)T9',
'12.4(24)T10',
'12.4(24)T11',
'12.4(24)T12',
'12.4(24)YG',
'12.4(24)YG1',
'12.4(24)YG2',
'12.4(24)YG3',
'12.4(24)YG4',
'12.4(24)YS',
'12.4(24)YS1',
'12.4(24)YS2',
'12.4(24)YS3',
'12.4(24)YS4',
'12.4(24)YS5',
'12.4(24)YS6',
'12.4(24)YS7',
'12.4(24)YS8',
'12.4(24)YS8a',
'12.4(24)YS9',
'12.4(24)YS10',
'15.0(1)EX',
'15.0(1)EY',
'15.0(1)EY1',
'15.0(1)EY2',
'15.0(1)M',
'15.0(1)M1',
'15.0(1)M2',
'15.0(1)M3',
'15.0(1)M4',
'15.0(1)M5',
'15.0(1)M6',
'15.0(1)M6a',
'15.0(1)M7',
'15.0(1)M8',
'15.0(1)M9',
'15.0(1)M10',
'15.0(1)MR',
'15.0(1)S',
'15.0(1)S1',
'15.0(1)S2',
'15.0(1)S3a',
'15.0(1)S4',
'15.0(1)S4a',
'15.0(1)S5',
'15.0(1)S6',
'15.0(1)SE',
'15.0(1)SE1',
'15.0(1)SE2',
'15.0(1)SE3',
'15.0(1)XA',
'15.0(1)XA1',
'15.0(1)XA2',
'15.0(1)XA3',
'15.0(1)XA4',
'15.0(1)XA5',
'15.0(2)EA',
'15.0(2)EA1',
'15.0(2)EJ',
'15.0(2)EJ1',
'15.0(2)EK',
'15.0(2)EK1',
'15.0(2)EX',
'15.0(2)EX1',
'15.0(2)EX2',
'15.0(2)EX3',
'15.0(2)EX4',
'15.0(2)EX5',
'15.0(2)EX6',
'15.0(2)EX7',
'15.0(2)EX8',
'15.0(2)EX10',
'15.0(2)EX11',
'15.0(2)EX12',
'15.0(2)EX13',
'15.0(2)EY',
'15.0(2)EY1',
'15.0(2)EY2',
'15.0(2)EY3',
'15.0(2)EZ',
'15.0(2)MR',
'15.0(2)SE',
'15.0(2)SE1',
'15.0(2)SE2',
'15.0(2)SE3',
'15.0(2)SE4',
'15.0(2)SE5',
'15.0(2)SE6',
'15.0(2)SE7',
'15.0(2)SE8',
'15.0(2)SE9',
'15.0(2)SE10',
'15.0(2)SE10a',
'15.0(2)SE11',
'15.0(2)SE12',
'15.0(2)SE13',
'15.0(2)SE13a',
'15.0(2)SE13b',
'15.0(2a)EX5',
'15.0(2a)SE9',
'15.1(1)S',
'15.1(1)S1',
'15.1(1)S2',
'15.1(1)SG',
'15.1(1)SG1',
'15.1(1)SG2',
'15.1(1)SY',
'15.1(1)SY1',
'15.1(1)SY2',
'15.1(1)SY3',
'15.1(1)SY4',
'15.1(1)SY5',
'15.1(1)SY6',
'15.1(1)T',
'15.1(1)T1',
'15.1(1)T2',
'15.1(1)T3',
'15.1(1)T4',
'15.1(1)T5',
'15.1(1)XB',
'15.1(1)XB1',
'15.1(1)XB2',
'15.1(1)XB3',
'15.1(2)GC',
'15.1(2)GC1',
'15.1(2)GC2',
'15.1(2)S',
'15.1(2)S1',
'15.1(2)S2',
'15.1(2)SG',
'15.1(2)SG1',
'15.1(2)SG2',
'15.1(2)SG3',
'15.1(2)SG4',
'15.1(2)SG5',
'15.1(2)SG6',
'15.1(2)SG7',
'15.1(2)SG8',
'15.1(2)SY',
'15.1(2)SY1',
'15.1(2)SY2',
'15.1(2)SY3',
'15.1(2)SY4',
'15.1(2)SY4a',
'15.1(2)SY5',
'15.1(2)SY6',
'15.1(2)SY7',
'15.1(2)SY8',
'15.1(2)SY9',
'15.1(2)SY10',
'15.1(2)SY11',
'15.1(2)SY12',
'15.1(2)SY13',
'15.1(2)SY14',
'15.1(2)SY15',
'15.1(2)SY16',
'15.1(2)T',
'15.1(2)T0a',
'15.1(2)T1',
'15.1(2)T2',
'15.1(2)T2a',
'15.1(2)T3',
'15.1(2)T4',
'15.1(2)T5',
'15.1(3)MRA',
'15.1(3)MRA1',
'15.1(3)MRA2',
'15.1(3)MRA3',
'15.1(3)MRA4',
'15.1(3)S',
'15.1(3)S0a',
'15.1(3)S1',
'15.1(3)S2',
'15.1(3)S3',
'15.1(3)S4',
'15.1(3)S5',
'15.1(3)S5a',
'15.1(3)S6',
'15.1(3)S7',
'15.1(3)SVB1',
'15.1(3)SVB2',
'15.1(3)SVD',
'15.1(3)SVD1',
'15.1(3)SVD2',
'15.1(3)SVD3',
'15.1(3)SVE',
'15.1(3)SVF',
'15.1(3)SVF1',
'15.1(3)SVF2',
'15.1(3)SVF2a',
'15.1(3)SVF4b',
'15.1(3)SVF4c',
'15.1(3)SVF4d',
'15.1(3)SVF4e',
'15.1(3)SVF4f',
'15.1(3)SVG',
'15.1(3)SVG1a',
'15.1(3)SVG1b',
'15.1(3)SVG1c',
'15.1(3)SVG2',
'15.1(3)SVG2a',
'15.1(3)SVG3',
'15.1(3)SVG3a',
'15.1(3)SVG3b',
'15.1(3)SVG3c',
'15.1(3)SVH',
'15.1(3)SVH2',
'15.1(3)SVH4',
'15.1(3)SVH4a',
'15.1(3)SVI1a',
'15.1(3)SVI2',
'15.1(3)SVI2a',
'15.1(3)SVI3',
'15.1(3)SVI3b',
'15.1(3)SVI3c',
'15.1(3)SVI31a',
'15.1(3)SVI31b',
'15.1(3)SVJ',
'15.1(3)SVJ2',
'15.1(3)SVR1',
'15.1(3)SVR2',
'15.1(3)SVR3',
'15.1(3)SVS',
'15.1(3)SVS1',
'15.1(3)SVT1',
'15.1(3)SVT2',
'15.1(3)SVT3',
'15.1(3)SVT4',
'15.1(3)SVU1',
'15.1(3)SVU2',
'15.1(3)SVU10',
'15.1(3)SVU11',
'15.1(3)SVU20',
'15.1(3)SVV1',
'15.1(3)SVV2',
'15.1(3)SVV3',
'15.1(3)SVW',
'15.1(3)SVW1',
'15.1(3)SVX',
'15.1(3)T',
'15.1(3)T1',
'15.1(3)T2',
'15.1(3)T3',
'15.1(3)T4',
'15.1(4)GC',
'15.1(4)GC1',
'15.1(4)GC2',
'15.1(4)M',
'15.1(4)M0a',
'15.1(4)M0b',
'15.1(4)M1',
'15.1(4)M2',
'15.1(4)M3',
'15.1(4)M3a',
'15.1(4)M4',
'15.1(4)M5',
'15.1(4)M6',
'15.1(4)M7',
'15.1(4)M8',
'15.1(4)M9',
'15.1(4)M10',
'15.1(4)M12a',
'15.1(4)XB4',
'15.1(4)XB5',
'15.1(4)XB5a',
'15.1(4)XB6',
'15.1(4)XB7',
'15.1(4)XB8',
'15.1(4)XB8a',
'15.2(1)E',
'15.2(1)E1',
'15.2(1)E2',
'15.2(1)E3',
'15.2(1)EY',
'15.2(1)GC',
'15.2(1)GC1',
'15.2(1)GC2',
'15.2(1)S',
'15.2(1)S1',
'15.2(1)S2',
'15.2(1)SC1a',
'15.2(1)SD1',
'15.2(1)SD2',
'15.2(1)SD3',
'15.2(1)SD4',
'15.2(1)SD6',
'15.2(1)SD6a',
'15.2(1)SD7',
'15.2(1)SD8',
'15.2(1)SY',
'15.2(1)SY0a',
'15.2(1)SY1',
'15.2(1)SY1a',
'15.2(1)SY2',
'15.2(1)SY3',
'15.2(1)SY4',
'15.2(1)SY5',
'15.2(1)SY6',
'15.2(1)SY7',
'15.2(1)SY8',
'15.2(2)E',
'15.2(2)E1',
'15.2(2)E2',
'15.2(2)E3',
'15.2(2)E4',
'15.2(2)E5',
'15.2(2)E5a',
'15.2(2)E5b',
'15.2(2)E6',
'15.2(2)E7',
'15.2(2)E7b',
'15.2(2)E8',
'15.2(2)E9',
'15.2(2)E9a',
'15.2(2)E10',
'15.2(2)E10a',
'15.2(2)E10b',
'15.2(2)EA',
'15.2(2)EA1',
'15.2(2)EA2',
'15.2(2)EA3',
'15.2(2)EB',
'15.2(2)EB1',
'15.2(2)EB2',
'15.2(2)GC',
'15.2(2)JAX',
'15.2(2)JB',
'15.2(2)JB1',
'15.2(2)JB2',
'15.2(2)JB3',
'15.2(2)JB4',
'15.2(2)JB5',
'15.2(2)JB6',
'15.2(2)S',
'15.2(2)S0a',
'15.2(2)S0c',
'15.2(2)S0d',
'15.2(2)S1',
'15.2(2)S2',
'15.2(2)SC',
'15.2(2)SC1',
'15.2(2)SC3',
'15.2(2)SC4',
'15.2(2)SY',
'15.2(2)SY1',
'15.2(2)SY2',
'15.2(2)SY3',
'15.2(2a)E1',
'15.2(2a)E2',
'15.2(2b)E',
'15.2(3)E',
'15.2(3)E1',
'15.2(3)E2',
'15.2(3)E3',
'15.2(3)E4',
'15.2(3)E5',
'15.2(3)EA',
'15.2(3)GC',
'15.2(3)GC1',
'15.2(3a)E',
'15.2(3m)E2',
'15.2(3m)E7',
'15.2(3m)E8',
'15.2(4)E',
'15.2(4)E1',
'15.2(4)E2',
'15.2(4)E3',
'15.2(4)E4',
'15.2(4)E5',
'15.2(4)E5a',
'15.2(4)E6',
'15.2(4)E7',
'15.2(4)E8',
'15.2(4)E9',
'15.2(4)E10',
'15.2(4)E10a',
'15.2(4)E10b',
'15.2(4)E10c',
'15.2(4)EA',
'15.2(4)EA1',
'15.2(4)EA2',
'15.2(4)EA3',
'15.2(4)EA4',
'15.2(4)EA5',
'15.2(4)EA6',
'15.2(4)EA7',
'15.2(4)EA8',
'15.2(4)EA9',
'15.2(4)EA9a',
'15.2(4)EC1',
'15.2(4)EC2',
'15.2(4)GC',
'15.2(4)GC1',
'15.2(4)GC2',
'15.2(4)GC3',
'15.2(4)JAZ',
'15.2(4)JB',
'15.2(4)JB1',
'15.2(4)JB2',
'15.2(4)JB3',
'15.2(4)JB3a',
'15.2(4)JB3b',
'15.2(4)JB3h',
'15.2(4)JB3s',
'15.2(4)JB4',
'15.2(4)JB5',
'15.2(4)JB5h',
'15.2(4)JB5m',
'15.2(4)JB6',
'15.2(4)JN',
'15.2(4)M',
'15.2(4)M1',
'15.2(4)M2',
'15.2(4)M3',
'15.2(4)M4',
'15.2(4)M5',
'15.2(4)M6',
'15.2(4)M6a',
'15.2(4)M6b',
'15.2(4)M7',
'15.2(4)M8',
'15.2(4)M9',
'15.2(4)M10',
'15.2(4)M11',
'15.2(4)S',
'15.2(4)S0c',
'15.2(4)S1',
'15.2(4)S1c',
'15.2(4)S2',
'15.2(4)S3',
'15.2(4)S3a',
'15.2(4)S4',
'15.2(4)S4a',
'15.2(4)S5',
'15.2(4)S6',
'15.2(4)S7',
'15.2(4)S8',
'15.2(4m)E1',
'15.2(4m)E2',
'15.2(4m)E3',
'15.2(4n)E2',
'15.2(4o)E2',
'15.2(4o)E3',
'15.2(4p)E1',
'15.2(4q)E1',
'15.2(4s)E1',
'15.2(5)E',
'15.2(5)E1',
'15.2(5)E2',
'15.2(5)E2b',
'15.2(5)E2c',
'15.2(5)EA',
'15.2(5)EX',
'15.2(5a)E',
'15.2(5a)E1',
'15.2(5b)E',
'15.2(5c)E',
'15.2(6)E',
'15.2(6)E0a',
'15.2(6)E0c',
'15.2(6)E1',
'15.2(6)E1a',
'15.2(6)E1s',
'15.2(6)E2',
'15.2(6)E2a',
'15.2(6)E2b',
'15.2(6)E3',
'15.2(6)EB',
'15.2(7)E',
'15.2(7)E0a',
'15.2(7)E0b',
'15.2(7)E0s',
'15.2(7)E1',
'15.2(7)E1a',
'15.2(7)E2',
'15.2(7)E2a',
'15.2(7)E2b',
'15.2(7)E3',
'15.2(7)E3a',
'15.2(7)E3k',
'15.2(7)E4',
'15.2(7)E5',
'15.2(7)E6',
'15.2(7a)E0b',
'15.2(7b)E0b',
'15.2(8)E',
'15.2(8)E1',
'15.2(8)E2',
'15.2(234k)E',
'15.3(0)SY',
'15.3(1)S',
'15.3(1)S1',
'15.3(1)S1e',
'15.3(1)S2',
'15.3(1)SY',
'15.3(1)SY1',
'15.3(1)SY2',
'15.3(1)T',
'15.3(1)T1',
'15.3(1)T2',
'15.3(1)T3',
'15.3(1)T4',
'15.3(2)S',
'15.3(2)S1',
'15.3(2)S2',
'15.3(2)T',
'15.3(2)T1',
'15.3(2)T2',
'15.3(2)T3',
'15.3(2)T4',
'15.3(3)JA',
'15.3(3)JA1',
'15.3(3)JA1m',
'15.3(3)JA2',
'15.3(3)JA3',
'15.3(3)JA4',
'15.3(3)JA5',
'15.3(3)JA6',
'15.3(3)JA7',
'15.3(3)JA8',
'15.3(3)JA10',
'15.3(3)JA11',
'15.3(3)JA12',
'15.3(3)JAA',
'15.3(3)JAA11',
'15.3(3)JAA12',
'15.3(3)JAB',
'15.3(3)JAX',
'15.3(3)JAX1',
'15.3(3)JAX2',
'15.3(3)JB',
'15.3(3)JBB',
'15.3(3)JBB1',
'15.3(3)JBB2',
'15.3(3)JBB4',
'15.3(3)JBB5',
'15.3(3)JBB6',
'15.3(3)JBB6a',
'15.3(3)JBB8',
'15.3(3)JC',
'15.3(3)JC1',
'15.3(3)JC2',
'15.3(3)JC3',
'15.3(3)JC4',
'15.3(3)JC5',
'15.3(3)JC6',
'15.3(3)JC8',
'15.3(3)JC9',
'15.3(3)JC14',
'15.3(3)JCA7',
'15.3(3)JCA8',
'15.3(3)JCA9',
'15.3(3)JD',
'15.3(3)JD2',
'15.3(3)JD3',
'15.3(3)JD4',
'15.3(3)JD5',
'15.3(3)JD6',
'15.3(3)JD7',
'15.3(3)JD8',
'15.3(3)JD9',
'15.3(3)JD11',
'15.3(3)JD12',
'15.3(3)JD13',
'15.3(3)JD14',
'15.3(3)JD16',
'15.3(3)JD17',
'15.3(3)JDA7',
'15.3(3)JDA8',
'15.3(3)JDA9',
'15.3(3)JDA11',
'15.3(3)JDA12',
'15.3(3)JDA13',
'15.3(3)JDA14',
'15.3(3)JDA16',
'15.3(3)JDA17',
'15.3(3)JE',
'15.3(3)JF',
'15.3(3)JF1',
'15.3(3)JF2',
'15.3(3)JF4',
'15.3(3)JF5',
'15.3(3)JF6',
'15.3(3)JF7',
'15.3(3)JF8',
'15.3(3)JF9',
'15.3(3)JF10',
'15.3(3)JF11',
'15.3(3)JF12',
'15.3(3)JF12i',
'15.3(3)JF14',
'15.3(3)JF14i',
'15.3(3)JF15',
'15.3(3)JF15i',
'15.3(3)JG',
'15.3(3)JG1',
'15.3(3)JH',
'15.3(3)JH1',
'15.3(3)JI1',
'15.3(3)JI3',
'15.3(3)JI4',
'15.3(3)JI5',
'15.3(3)JI6',
'15.3(3)JJ',
'15.3(3)JJ1',
'15.3(3)JK',
'15.3(3)JK1',
'15.3(3)JK1t',
'15.3(3)JK2',
'15.3(3)JK2a',
'15.3(3)JK3',
'15.3(3)JK4',
'15.3(3)JK5',
'15.3(3)JK6',
'15.3(3)JK7',
'15.3(3)JN',
'15.3(3)JN3',
'15.3(3)JN4',
'15.3(3)JN6',
'15.3(3)JN7',
'15.3(3)JN8',
'15.3(3)JN9',
'15.3(3)JN11',
'15.3(3)JN13',
'15.3(3)JN14',
'15.3(3)JN15',
'15.3(3)JNB',
'15.3(3)JNB1',
'15.3(3)JNB2',
'15.3(3)JNB3',
'15.3(3)JNB4',
'15.3(3)JNB5',
'15.3(3)JNB6',
'15.3(3)JNC',
'15.3(3)JNC1',
'15.3(3)JNC2',
'15.3(3)JNC3',
'15.3(3)JNC4',
'15.3(3)JND',
'15.3(3)JND1',
'15.3(3)JND2',
'15.3(3)JND3',
'15.3(3)JNP',
'15.3(3)JNP1',
'15.3(3)JNP3',
'15.3(3)JPB',
'15.3(3)JPB1',
'15.3(3)JPC',
'15.3(3)JPC1',
'15.3(3)JPC2',
'15.3(3)JPC3',
'15.3(3)JPC5',
'15.3(3)JPC100',
'15.3(3)JPD',
'15.3(3)JPI1',
'15.3(3)JPI1t',
'15.3(3)JPI4',
'15.3(3)JPI5',
'15.3(3)JPI5s',
'15.3(3)JPI6a',
'15.3(3)JPI7',
'15.3(3)JPI8a',
'15.3(3)JPI9',
'15.3(3)JPI11',
'15.3(3)JPJ2',
'15.3(3)JPJ2t',
'15.3(3)JPJ3',
'15.3(3)JPJ3a',
'15.3(3)JPJ4',
'15.3(3)JPJ5',
'15.3(3)JPJ6',
'15.3(3)JPJ7',
'15.3(3)JPJ7c',
'15.3(3)JPJ8',
'15.3(3)JPJ8a',
'15.3(3)JPJ8b',
'15.3(3)JPK',
'15.3(3)JPK1',
'15.3(3)JPK2',
'15.3(3)JPK3',
'15.3(3)JPL',
'15.3(3)M',
'15.3(3)M1',
'15.3(3)M2',
'15.3(3)M3',
'15.3(3)M4',
'15.3(3)M5',
'15.3(3)M6',
'15.3(3)M7',
'15.3(3)M8',
'15.3(3)M8a',
'15.3(3)M9',
'15.3(3)M10',
'15.3(3)S',
'15.3(3)S1',
'15.3(3)S1a',
'15.3(3)S2',
'15.3(3)S2a',
'15.3(3)S3',
'15.3(3)S4',
'15.3(3)S5',
'15.3(3)S6',
'15.3(3)S6a',
'15.3(3)S7',
'15.3(3)S8',
'15.3(3)S8a',
'15.3(3)S9',
'15.3(3)S10',
'15.3(3)XB12',
'15.4(1)CG',
'15.4(1)CG1',
'15.4(1)S',
'15.4(1)S1',
'15.4(1)S2',
'15.4(1)S3',
'15.4(1)S4',
'15.4(1)SY',
'15.4(1)SY1',
'15.4(1)SY2',
'15.4(1)SY3',
'15.4(1)SY4',
'15.4(1)T',
'15.4(1)T1',
'15.4(1)T2',
'15.4(1)T3',
'15.4(1)T4',
'15.4(2)CG',
'15.4(2)S',
'15.4(2)S1',
'15.4(2)S2',
'15.4(2)S3',
'15.4(2)S4',
'15.4(2)SN',
'15.4(2)SN1',
'15.4(2)T',
'15.4(2)T1',
'15.4(2)T2',
'15.4(2)T3',
'15.4(2)T4',
'15.4(3)M',
'15.4(3)M1',
'15.4(3)M2',
'15.4(3)M3',
'15.4(3)M4',
'15.4(3)M5',
'15.4(3)M6',
'15.4(3)M6a',
'15.4(3)M7',
'15.4(3)M7a',
'15.4(3)M8',
'15.4(3)M9',
'15.4(3)M10',
'15.4(3)S',
'15.4(3)S0d',
'15.4(3)S0e',
'15.4(3)S0f',
'15.4(3)S1',
'15.4(3)S2',
'15.4(3)S3',
'15.4(3)S4',
'15.4(3)S5',
'15.4(3)S6',
'15.4(3)S6a',
'15.4(3)S7',
'15.4(3)S8',
'15.4(3)S9',
'15.4(3)S10',
'15.4(3)SN1',
'15.4(3)SN1a',
'15.5(1)S',
'15.5(1)S1',
'15.5(1)S2',
'15.5(1)S3',
'15.5(1)S4',
'15.5(1)SN',
'15.5(1)SN1',
'15.5(1)SY',
'15.5(1)SY1',
'15.5(1)SY2',
'15.5(1)SY3',
'15.5(1)SY4',
'15.5(1)SY5',
'15.5(1)SY6',
'15.5(1)SY7',
'15.5(1)SY8',
'15.5(1)SY9',
'15.5(1)T',
'15.5(1)T1',
'15.5(1)T2',
'15.5(1)T3',
'15.5(1)T4',
'15.5(2)S',
'15.5(2)S1',
'15.5(2)S2',
'15.5(2)S3',
'15.5(2)S4',
'15.5(2)SN',
'15.5(2)T',
'15.5(2)T1',
'15.5(2)T2',
'15.5(2)T3',
'15.5(2)T4',
'15.5(2)XB',
'15.5(3)M',
'15.5(3)M0a',
'15.5(3)M1',
'15.5(3)M2',
'15.5(3)M2a',
'15.5(3)M3',
'15.5(3)M4',
'15.5(3)M4a',
'15.5(3)M4b',
'15.5(3)M4c',
'15.5(3)M5',
'15.5(3)M6',
'15.5(3)M6a',
'15.5(3)M7',
'15.5(3)M8',
'15.5(3)M9',
'15.5(3)M10',
'15.5(3)M11',
'15.5(3)M11a',
'15.5(3)M11b',
'15.5(3)S',
'15.5(3)S0a',
'15.5(3)S1',
'15.5(3)S1a',
'15.5(3)S2',
'15.5(3)S3',
'15.5(3)S4',
'15.5(3)S5',
'15.5(3)S6',
'15.5(3)S6a',
'15.5(3)S6b',
'15.5(3)S7',
'15.5(3)S8',
'15.5(3)S9',
'15.5(3)S9a',
'15.5(3)S10',
'15.5(3)S10a',
'15.5(3)S10b',
'15.5(3)SN',
'15.5(3)SN0a',
'15.6(1)S',
'15.6(1)S1',
'15.6(1)S2',
'15.6(1)S3',
'15.6(1)S4',
'15.6(1)SN',
'15.6(1)SN1',
'15.6(1)SN2',
'15.6(1)SN3',
'15.6(1)T',
'15.6(1)T0a',
'15.6(1)T1',
'15.6(1)T2',
'15.6(1)T3',
'15.6(2)S',
'15.6(2)S1',
'15.6(2)S2',
'15.6(2)S3',
'15.6(2)S4',
'15.6(2)SN',
'15.6(2)SP',
'15.6(2)SP1',
'15.6(2)SP2',
'15.6(2)SP3',
'15.6(2)SP4',
'15.6(2)SP5',
'15.6(2)SP6',
'15.6(2)SP7',
'15.6(2)SP8',
'15.6(2)SP8a',
'15.6(2)SP9',
'15.6(2)T',
'15.6(2)T0a',
'15.6(2)T1',
'15.6(2)T2',
'15.6(2)T3',
'15.6(3)M',
'15.6(3)M0a',
'15.6(3)M1',
'15.6(3)M1a',
'15.6(3)M1b',
'15.6(3)M2',
'15.6(3)M2a',
'15.6(3)M3',
'15.6(3)M3a',
'15.6(3)M4',
'15.6(3)M5',
'15.6(3)M6',
'15.6(3)M6a',
'15.6(3)M6b',
'15.6(3)M7',
'15.6(3)M8',
'15.6(3)M9',
'15.6(3)SN',
'15.6(4)SN',
'15.6(5)SN',
'15.6(7)SN',
'15.6(7)SN1',
'15.6(7)SN2',
'15.7(3)M',
'15.7(3)M0a',
'15.7(3)M1',
'15.7(3)M2',
'15.7(3)M3',
'15.7(3)M4',
'15.7(3)M4a',
'15.7(3)M4b',
'15.7(3)M5',
'15.7(3)M6',
'15.7(3)M7',
'15.7(3)M8',
'15.7(3)M9',
'15.8(3)M',
'15.8(3)M0a',
'15.8(3)M0b',
'15.8(3)M1',
'15.8(3)M1a',
'15.8(3)M2',
'15.8(3)M2a',
'15.8(3)M3',
'15.8(3)M3a',
'15.8(3)M3b',
'15.8(3)M4',
'15.8(3)M5',
'15.8(3)M6',
'15.8(3)M7',
'15.8(3)M8',
'15.9(3)M',
'15.9(3)M0a',
'15.9(3)M1',
'15.9(3)M2',
'15.9(3)M2a',
'15.9(3)M3',
'15.9(3)M3a',
'15.9(3)M3b',
'15.9(3)M4',
'15.9(3)M4a',
'15.9(3)M5'
);
var workarounds = make_list(CISCO_WORKAROUNDS['generic_workaround']);
var workaround_params = WORKAROUND_CONFIG['ios_ssh_enabled'];
var reporting = make_array(
'port' , product_info['port'],
'severity', SECURITY_WARNING,
'version' , product_info['version'],
'cmds' , make_list('show ip ssh'),
'bug_id' , 'CSCvx63027'
);
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
workaround_params:workaround_params,
reporting:reporting,
vuln_versions:version_list
);
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
44.4%