CVE-2016-20012
 
Public Exploits: 2
Exploited in Wild: -
Descriptions
** DISPUTED ** OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product.
SSVC
- Decision: -
Timeline
- 2021-09-15 CVE Reserved
- 2021-09-15 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2024-08-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
References (8)
URL | Tag | Source |
---|---|---|
https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097 | Issue Tracking | |
https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185 | Issue Tracking | |
https://security.netapp.com/advisory/ntap-20211014-0005 | Third Party Advisory | |
https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak | Third Party Advisory | |
https://www.openwall.com/lists/oss-security/2018/08/24/1 | Mailing List | |
URL | Date | SRC |
---|---|---|
https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265 | 2024-08-06 | |
https://rushter.com/blog/public-ssh-keys | 2024-08-06 | |
URL | Date | SRC |
---|---|---|
https://github.com/openssh/openssh-portable/pull/270 | 2024-05-17 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Openbsd | Openssh | <= 8.7 | - | Affected |
Netapp | Clustered Data Ontap | - | - | Affected |
Netapp | Hci Management Node | - | - | Affected |
Netapp | Ontap Select Deploy Administration Utility | - | - | Affected |
Netapp | Solidfire | - | - | Affected |