CVE-2008-0535
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device instability) via "SSH credentials that attempt to change the authentication method," aka Bug ID CSCsm14239.
Una vulnerabilidad no especificada en el servidor SSH en (1) Cisco Service Control Engine (SCE) versiones anteriores a 3.1.6, y (2) Icon Labs Iconfidant SSH versiones anteriores a 2.3.8, permite a los atacantes remotos causar una denegaciĆ³n de servicio (inestabilidad del dispositivo) por medio de "SSH credentials that attempt to change the authentication method," tambiĆ©n se conoce como ID de Bug CSCsm14239.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-01-31 CVE Reserved
- 2008-05-22 CVE Published
- 2023-09-19 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-255: Credentials Management Errors
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1020074 | Vdb Entry | |
| http://www.icon-labs.com/news/read.asp?newsID=77 | X_refsource_confirm | |
| http://www.kb.cert.org/vuls/id/626979 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/29316 | Vdb Entry | |
| http://www.securityfocus.com/bid/29609 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42567 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtml | 2017-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/30316 | 2017-08-08 | |
| http://secunia.com/advisories/30590 | 2017-08-08 | |
| http://www.vupen.com/english/advisories/2008/1604/references | 2017-08-08 | |
| http://www.vupen.com/english/advisories/2008/1774/references | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Service Control Engine Search vendor "Cisco" for product "Service Control Engine" | <= 3.1.5 Search vendor "Cisco" for product "Service Control Engine" and version " <= 3.1.5" | - |
Affected
| ||||||
| Icon-labs Search vendor "Icon-labs" | Iconfidant Ssh Search vendor "Icon-labs" for product "Iconfidant Ssh" | <= 2.3.7 Search vendor "Icon-labs" for product "Iconfidant Ssh" and version " <= 2.3.7" | - |
Affected
| ||||||