CVE-2015-7754

CWE-20Improper Input Validation4 documents4 sources
Severity
8.1HIGH
EPSS
1.2%
top 20.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Screenos
Timeline
PublishedJan 8
Latest updateMay 17

Description

Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

NVDjuniper/screenos6.3.0

🔴Vulnerability Details

2
GHSA
GHSA-r85q-gj7v-7cm7: Juniper ScreenOS before 62022-05-17
CVEList
CVE-2015-7754: Juniper ScreenOS before 62016-01-08

📋Vendor Advisories

1
Juniper
CVE-2015-7754: Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execu2016-01-08
CVE-2015-7754 (HIGH CVSS 8.1) | Juniper ScreenOS before 6.3.0r21 | cvebase.io