DNA View

Critical Severity Vulnerability

This vulnerability has been rated as Critical severity. Immediate action is recommended.

CVE-2016-1908

Critical

Low Medium High Critical

9.8

CVSS Score

Published: Apr 11, 2017

Last Modified: Apr 20, 2025

CWE: CWE-287

Vulnerability Description

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

24 configuration(s) from 3 vendor(s)

debian_linux

Version:

8.0

CPE:

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

linux

Version:

CPE:

cpe:2.3:o:oracle:linux:7:8:*:*:*:*:*:*

linux

Version:

CPE:

cpe:2.3:o:oracle:linux:6:10:*:*:*:*:*:*

enterprise_linux_eus

Version:

7.5

CPE:

cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*

enterprise_linux_workstation

Version:

7.0

CPE:

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:x64:*

enterprise_linux_server_aus

Version:

7.4

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

enterprise_linux_eus

Version:

7.2

CPE:

cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*

enterprise_linux_server

Version:

6.0

CPE:

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x86:*

enterprise_linux_server_tus

Version:

7.6

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

enterprise_linux_eus

Version:

7.6

CPE:

cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*

enterprise_linux_eus

Version:

7.7

CPE:

cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*

enterprise_linux_server

Version:

7.0

CPE:

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:x64:*

enterprise_linux_server_tus

Version:

7.2

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*

enterprise_linux_eus

Version:

7.3

CPE:

cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*

enterprise_linux_eus

Version:

7.4

CPE:

cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*

enterprise_linux_server_aus

Version:

7.6

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

enterprise_linux_server_aus

Version:

7.3

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

enterprise_linux_desktop

Version:

7.0

CPE:

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:x64:*

enterprise_linux_server_aus

Version:

7.7

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*

enterprise_linux_server_aus

Version:

7.2

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

enterprise_linux_desktop

Version:

6.0

CPE:

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x64:*

enterprise_linux_server_tus

Version:

7.3

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

enterprise_linux_server_tus

Version:

7.7

CPE:

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

enterprise_linux_workstation

Version:

6.0

CPE:

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x86:*

This vulnerability affects 24 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

9.8

out of 10.0

Critical

Weakness Type (CWE)

CWE-287 Top 25 #10

Improper Authentication

Description: When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Exploit Likelihood: High
Typical Severity: High
OWASP Top 10: A07:2021-Identification/Auth Failures
Abstraction Level: Class