CVE-2012-0386

high

Description

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74404

http://www.securitytracker.com/id?1026866

http://www.securityfocus.com/bid/52752

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-ssh

http://secunia.com/advisories/48641

http://secunia.com/advisories/48609

http://osvdb.org/80695

Details

Source: Mitre, NVD

Published: 2012-03-29

Updated: 2017-12-13

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High