CVE-2016-1335

Name of the Vulnerable Software and Affected Versions Cisco StarOS versions prior to 19.3.M0.62771 Cisco StarOS versions 20.x prior to 20.0.M0.62768

Description The issue is related to the SSH implementation in Cisco StarOS, which mishandles a multi-user public-key authentication configuration. This allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection.

Recommendations For Cisco StarOS versions prior to 19.3.M0.62771, update to version 19.3.M0.62771 or later. For Cisco StarOS versions 20.x prior to 20.0.M0.62768, update to version 20.0.M0.62768 or later.