High

CVE-2002-1646 - Unspecified vulnerability in SSH Secure Shell FOR Servers

Publication: 2002-12-31
Summary

SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • SSH Secure Shell FOR Servers 3.0
  • SSH Secure Shell FOR Servers 3.0.1
  • SSH Secure Shell FOR Servers 3.1
  • SSH Secure Shell FOR Servers 3.1.1