7.8
CVE-2008-0536
- EPSS 4.32%
- Veröffentlicht 22.05.2008 13:09:00
- Zuletzt bearbeitet 16.06.2026 22:49:49
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers "illegal I/O operations," aka Bug ID CSCsh49563.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Service Control Engine Version <= 3.1.6
Cisco ≫ Service Control Engine Version3.0
Icon-labs ≫ Iconfidant Ssh Version <= 2.3.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.32% | 0.899 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
http://secunia.com/advisories/30316
http://secunia.com/advisories/30590
http://securitytracker.com/id?1020074
http://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtml
http://www.icon-labs.com/news/read.asp?newsID=77
http://www.kb.cert.org/vuls/id/626979
http://www.securityfocus.com/bid/29316
http://www.securityfocus.com/bid/29609
http://www.vupen.com/english/advisories/2008/1604/references
http://www.vupen.com/english/advisories/2008/1774/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42566