{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-22T22:24:33", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/openssh/openssh-portable/pull/270"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265"}, {"tags": ["x_refsource_MISC"], "url": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak"}, {"tags": ["x_refsource_MISC"], "url": "https://rushter.com/blog/public-ssh-keys/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20211014-0005/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097"}, {"tags": ["x_refsource_MISC"], "url": "https://www.openwall.com/lists/oss-security/2018/08/24/1"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-20012", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/openssh/openssh-portable/pull/270", "refsource": "MISC", "url": "https://github.com/openssh/openssh-portable/pull/270"}, {"name": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265", "refsource": "MISC", "url": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265"}, {"name": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak", "refsource": "MISC", "url": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak"}, {"name": "https://rushter.com/blog/public-ssh-keys/", "refsource": "MISC", "url": "https://rushter.com/blog/public-ssh-keys/"}, {"name": "https://security.netapp.com/advisory/ntap-20211014-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211014-0005/"}, {"name": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097", "refsource": "MISC", "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097"}, {"name": "https://www.openwall.com/lists/oss-security/2018/08/24/1", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2018/08/24/1"}, {"name": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185", "refsource": "MISC", "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:47:34.948Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openssh/openssh-portable/pull/270"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://rushter.com/blog/public-ssh-keys/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20211014-0005/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2018/08/24/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-20012", "datePublished": "2021-09-15T19:32:11", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-06T03:47:34.948Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E1A0346-2185-4EE6-AC3A-DE31E6A21AE4", "versionEndIncluding": "8.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product"}, {"lang": "es", "value": "** EN DISPTUTA ** OpenSSH versiones hasta 8.7, permite a atacantes remotos, que presentan la sospecha de que una determinada combinaci\u00f3n de nombre de usuario y clave p\u00fablica es conocida por un servidor SSH, comprobar si esta sospecha es correcta. Esto ocurre porque es enviado un desaf\u00edo s\u00f3lo cuando esa combinaci\u00f3n podr\u00eda ser v\u00e1lida para una sesi\u00f3n de inicio de sesi\u00f3n. NOTA: el proveedor no reconoce la enumeraci\u00f3n de usuarios como una vulnerabilidad para este producto"}], "id": "CVE-2016-20012", "lastModified": "2024-11-21T02:47:33.240", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-15T20:15:07.310", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/pull/270"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://rushter.com/blog/public-ssh-keys/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211014-0005/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2018/08/24/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/pull/270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-920577097"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/openssh/openssh-portable/pull/270#issuecomment-943909185"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://rushter.com/blog/public-ssh-keys/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211014-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2018/08/24/1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "openssh: Public key information leak", "id": "2048523", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048523"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-200", "details": ["OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product"], "name": "CVE-2016-20012", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "openssh", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "openssh", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "openssh", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "openssh", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2016-02-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-20012\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-20012"], "statement": "Although a CVE was assigned upstream and Red Hat doesn't consider it to be a security flaw and won't receive any patch, also the CVE was made as disputed by MITRE. Considering that Red Hat is closing this flaw as NOTABUG.", "threat_severity": "Low"}