CVE-2010-0137Cisco IOS XR vulnerability

CWE-3994 documents4 sources
Severity
7.8HIGHNVD
EPSS
1.3%
top 20.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XR
Timeline
PublishedJan 21
Latest updateMay 2

Description

Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios_xr9 versions+8

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-qhpf-56xh-5j88: Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 32022-05-02
CVEList
CVE-2010-0137: Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 32010-01-21

📋Vendor Advisories

1
Cisco
Cisco IOS XR Software SSH Denial of Service Vulnerability2010-01-20
CVE-2010-0137 — Cisco IOS XR vulnerability | cvebase