CVE-2018-16499
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using man-in-the-middle attacks. Usage of unapproved SSH encryption protocols or cipher suites also violates the Data Protection TSR (Technical Security Requirements).
En VOS comprometido, un atacante en los endpoints de la red posiblemente puede visualizar las comunicaciones entre un usuario desprevenido y el servicio mediante ataques de tipo man-in-the-middle. El uso de protocolos de cifrado SSH o conjuntos de cifrado no aprobados también viola los TSR de protección de datos (Requisitos Técnicos de Seguridad)
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-09-04 CVE Reserved
- 2021-05-26 CVE Published
- 2024-02-09 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-326: Inadequate Encryption Strength
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://hackerone.com/reports/1168196 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Versa-networks Search vendor "Versa-networks" | Versa Operating System Search vendor "Versa-networks" for product "Versa Operating System" | - | - |
Affected
| ||||||