Lucene search

K
cvelistMitreCVELIST:CVE-2018-7750
HistoryMar 13, 2018 - 6:00 p.m.

CVE-2018-7750

2018-03-1318:00:00
mitre
www.cve.org

9.6 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.