Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2016-6210 — Sensitive Information Exposure in Openssh
Severity
5.9MEDIUMNVD
EPSS
92.5%
top 0.27%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedFeb 13
Latest updateMay 14
Description
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6
Affected Packages4 packages
🔴Vulnerability Details
4💥Exploits & PoCs
4📋Vendor Advisories
5Microsoft▶
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enum↗2017-02-21
Debian▶
CVE-2016-6210: openssh - sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password has...↗2016