CVE-2016-1335

The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492.

Severity	HIGH
CVSS	7.5
CWE	CWE-264
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory
Cisco SR 500 Secure Routers	cisco-sa-20160218-asr
Cisco Nexus Dashboard	cisco-sa-20160218-asr
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-20160218-asr
Cisco ASR 5000 Series Software	cisco-sa-20160218-asr