Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-20012
HistorySep 15, 2021 - 8:15 p.m.

CVE-2016-20012

2021-09-1520:15:07
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

Affected configurations

NVD
Node
openbsdopensshRange8.7
Node
netappclustered_data_ontapMatch-
OR
netapphci_management_nodeMatch-
OR
netappontap_select_deploy_administration_utilityMatch-
OR
netappsolidfireMatch-

Related

cvelist 1
cbl_mariner 1
f5 1
prion 1
ubuntucve 1
cve 1
debiancve 1
openvas 1
nessus 6
photon 2
avleonov 1
cvelist
cvelist
CVE-2016-20012
2021-09-15 19:32:11
cbl_mariner
cbl_mariner
CVE-2016-20012 affecting package openssh 8.5p1-3
2021-10-14 02:25:47
f5
f5
K31902105 : OpenSSH vulnerability CVE-2016-20012
2022-10-24 00:00:00
prion
prion
Design/Logic Flaw
2021-09-15 20:15:00
ubuntucve
ubuntucve
CVE-2016-20012
2021-09-15 00:00:00
cve
cve
CVE-2016-20012
2021-09-15 20:15:07
debiancve
debiancve
CVE-2016-20012
2021-09-15 20:15:07
openvas
openvas
OpenSSH Information Disclosure Vulnerability (CVE-2016-20012)
2021-11-16 00:00:00
nessus
nessus
Photon OS 4.0: Openssh PHSA-2021-4.0-0113
2021-10-10 00:00:00
RHEL 9 : openssh (Unpatched Vulnerability)
2024-06-03 00:00:00
OpenSSH PCI Disputed Vulnerabilities.
2022-04-04 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0113
2021-10-09 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0113
2021-10-09 00:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON
Related for NVD:CVE-2016-20012
cvelist1cbl_mariner1f51prion1ubuntucve1cve1debiancve1openvas1nessus6photon2avleonov1