Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-1730

Опубликовано: 13 апр. 2020
Источник: nvd
CVSS3: 5.3
CVSS2: 5
EPSS Низкий

Описание

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*
Версия от 0.8.0 (включая) до 0.8.9 (исключая)
cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*
Версия от 0.9.0 (включая) до 0.9.4 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*
Версия до 8.0.21 (включая)

EPSS

Процентиль: 23%
0.00076
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476
CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2020-1730

CVSS3: 5.3
ubuntu
почти 6 лет назад

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

redhat логотип

CVE-2020-1730

CVSS3: 5.3
redhat
почти 6 лет назад

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

debian логотип

CVE-2020-1730

CVSS3: 5.3
debian
почти 6 лет назад

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in t ...

suse-cvrf логотип

openSUSE-SU-2020:0510-1

suse-cvrf
почти 6 лет назад

Security update for libssh

suse-cvrf логотип

SUSE-SU-2020:0968-1

suse-cvrf
почти 6 лет назад

Security update for libssh

EPSS

Процентиль: 23%
0.00076
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476
CWE-476