RVD#102: OTA OpenSSH version vulnerable to user enumeration attacks #102
Description
{
"id": 102,
"title": "RVD#102: OTA OpenSSH version vulnerable to user enumeration attacks",
"type": "vulnerability",
"description": "The OpenSSH server version 7.6p1 is vulnerable to user enumeration attacks by timing.",
"cwe": "CWE-Brute Force (CWE-307)",
"cve": "None",
"keywords": [
"malformed",
"robot",
"robot: MARA",
"severity: medium",
"vendor: Acutronic Robotics",
"vulnerability"
],
"system": "MARA",
"vendor": "Acutronic Robotics",
"severity": {
"rvss-score": 5.3,
"rvss-vector": "RVSS:1.0/AV:RN/AC:L/PR:N/UI:N/Y:Z/S:U/C:L/I:N/A:N/H:N",
"severity-description": "medium",
"cvss-score": 5.3,
"cvss-vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
"links": [
"https://github.com/aliasrobotics/RVD/issues/102"
],
"flaw": {
"phase": "unknown",
"specificity": "N/A",
"architectural-location": "N/A",
"application": "N/A",
"subsystem": "N/A",
"package": "N/A",
"languages": "None",
"date-detected": "2019-02-10",
"detected-by": "",
"detected-by-method": "N/A",
"date-reported": "2019-02-10",
"reported-by": "",
"reported-by-relationship": "N/A",
"issue": "https://github.com/aliasrobotics/RVD/issues/102",
"reproducibility": "",
"trace": null,
"reproduction": "",
"reproduction-image": ""
},
"exploitation": {
"description": "",
"exploitation-image": "",
"exploitation-vector": ""
},
"mitigation": {
"description": "",
"pull-request": "",
"date-mitigation": null
}
}