CVE-2016-20012

OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session.
Configurations

Configuration 1 (hide)

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Information

Published : 2021-09-15 13:15

Updated : 2021-11-30 12:17


NVD link : CVE-2016-20012

Mitre link : CVE-2016-20012


JSON object : View

Products Affected

netapp

  • clustered_data_ontap
  • solidfire
  • ontap_select_deploy_administration_utility
  • hci_management_node

openbsd

  • openssh