4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.9%
Software: openssh 8.0p1
OS: ROSA Virtualization 2.1
package_evr_string: openssh-8.0p1
CVE-ID: CVE-2019-16905
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: OpenSSH, when compiled with an experimental key type, has an integer overflow before authentication if the client or server is configured to use a crafted XMSS key. This causes memory corruption and local code execution due to a bug in the XMSS key analysis algorithm. NOTE. The XMSS implementation is considered experimental in all released versions of OpenSSH, and there is no supported way to enable it when creating a portable OpenSSH.
CVE-STATUS: Not relevant
CVE-REV:
CVE-ID: CVE-2021-36368
BDU-ID: None
CVE-Crit: LOW
CVE-DESC.: If a client is using public key authentication with agent forwarding but without -oLogLevel=verbose, and the attacker has silently modified the server to support the None authentication option, the user cannot determine whether FIDO authentication will confirm that the user wants to connect to this server or that the user wants to allow this server to connect to another server on behalf of the user.
CVE-STATUS: Not Relevant
CVE-REV:
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.9%