Lucene search

GitHub_MCVE-2023-28113

HistoryMar 16, 2023 - 9:15 p.m.

CVE-2023-28113

2023-03-1621:15:13

CWE-358

CWE-20

CWE-347

GitHub_M

web.nvd.nist.gov

cve-2023-28113

russh

rust

ssh

security

vulnerability

interoperability

eavesdropping

confidentiality

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.002

Percentile

53.4%

JSON

russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those of a russh peer with some other misbehaving peer are most likely to be problematic. These may vulnerable to eavesdropping. Most other implementations reject such keys, so this is mainly an interoperability issue in such a case. This issue is fixed in versions 0.36.2 and 0.37.1

Affected configurations

Nvd

Vulners

Node

russh_projectrusshRange0.34.0–0.36.2rust

russh_projectrusshMatch0.37.0-rust

russh_projectrusshMatch0.37.0beta1rust

VendorProductVersionCPE
russh_projectrussh*cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*
russh_projectrussh0.37.0cpe:2.3:a:russh_project:russh:0.37.0:-:*:*:*:rust:*:*
russh_projectrussh0.37.0cpe:2.3:a:russh_project:russh:0.37.0:beta1:*:*:*:rust:*:*

Vendor	Product	Version	CPE
russh_project	russh	*	cpe:2.3:a:russh_project:russh::::::rust::*
russh_project	russh	0.37.0	cpe:2.3:a:russh_project:russh:0.37.0:-::::rust::*
russh_project	russh	0.37.0	cpe:2.3:a:russh_project:russh:0.37.0:beta1::::rust::*

CNA Affected

[
  {
    "vendor": "warp-tech",
    "product": "russh",
    "versions": [
      {
        "version": "0.34.0",
        "status": "affected",
        "lessThan": "0.34.0*",
        "versionType": "custom"
      },
      {
        "version": "0.36.2",
        "status": "affected",
        "lessThan": "0.36.2",
        "versionType": "custom"
      },
      {
        "version": "0.37.0",
        "status": "affected",
        "lessThan": "0.37.0*",
        "versionType": "custom"
      },
      {
        "version": "0.37.1",
        "status": "affected",
        "lessThan": "0.37.1",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/warp-tech/russh/blob/master/russh/src/kex/dh/groups.rs#L72-L76

github.com/warp-tech/russh/blob/master/russh/src/kex/dh/groups.rs#L78-L81

github.com/warp-tech/russh/commit/d831a3716d3719dc76f091fcea9d94bd4ef97c6e

github.com/warp-tech/russh/releases/tag/v0.36.2

github.com/warp-tech/russh/releases/tag/v0.37.1

github.com/warp-tech/russh/security/advisories/GHSA-cqvm-j2r2-hwpg

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.002

Percentile

53.4%

JSON

Related for CVE-2023-28113