0.107 Low
EPSS
Percentile
95.1%
A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses.
0.107 Low
EPSS
Percentile
95.1%