**CVSS3: 7.8 High**

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | REQUIRED |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

**CVSS2: 6.8 Medium**

Metric | Value |
---|---|
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

OpenSSH is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE.
CVEID: CVE-2020-15778
**DESCRIPTION:** OpenSSH could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation in the remote function in scp.c. By opening a specially crafted file containing backtick characters in the destination argument, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/185805 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Netezza Host Management | All Host Management versions starting 5.3.5.1 |
None
scp is based on a historical protocol called rcp, which relies on that style of argument passing and therefore encounters expansion problems.
Therefore, to mitigate CVE-2020-15778, we suggest the methods below for copying files and directories between two servers.

To copy a file from the local host to a remote host:

```
cd file_dir_path
tar zcf - file_name | ssh user@remote_host 'tar zxf - -C remote_dir_path'
```

file_dir_path : path to the directory where the file 'file_name' exists
file_name : name of the file that needs to be copied
remote_dir_path : destination path on the remote host where file_name is to be placed

Example:

```
[root@nzhost ~]# ll local_dir/simple.txt
-rw-r--r-- 1 root root 6 Sep 23 08:45 local_dir/simple.txt
[root@nzhost ~]# cd local_dir
[root@nzhost local_dir]# tar zcf - simple.txt | ssh root@ha2 'tar zxf - -C /root/remote_dir'
```

To copy a file from a remote host to the local host:

```
ssh root@remote_host 'cd /file_dir_path ; tar zcf - file_name' | tar zxf - -C local_dir_path
```

file_dir_path : path to the directory on the remote host where file_name exists
local_dir_path : path on the local host where the file 'file_name' is to be placed

Example:

```
[root@nzhost ~]# ssh root@ha2 'cd /root/remote_dir; tar zcf - pullme.txt' | tar zxf - -C /root/local_dir
```

To copy a directory from the local host to a remote host:

```
cd dir_containing_local_dir
tar zcf - local_dir | ssh user@remote_host 'tar zxf - -C remote_dir_path'
```

dir_containing_local_dir : path to the directory that contains local_dir
local_dir : directory that needs to be copied
remote_dir_path : destination path on the remote host where local_dir is to be placed

Example:

```
[root@nzhost /]# ll -d /root/local_dir/
drwxr-xr-x 4 root root 4096 Sep 25 03:00 /root/local_dir/
[root@nzhost /]# cd /root;
[root@nzhost ~]# tar zcf - local_dir | ssh root@ha2 'tar zxf - -C /root/remote_dir'
```

To copy a directory from a remote host to the local host:

```
ssh root@remote_host 'cd /dir_containing_remote_dir; tar zcf - remote_dir' | tar zxf - -C local_dir_path
```

dir_containing_remote_dir : path to the directory on the remote host that contains remote_dir
remote_dir : directory that needs to be copied
local_dir_path : path on the local host where remote_dir is to be placed

Example:

```
[root@nzhost ~]# ssh root@ha2 'cd /root; tar zcf - remote_dir' | tar zxf - -C /root/local_dir
```
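
The tar-over-ssh commands above still hand a command string to the remote shell, so a path containing spaces, quotes or backticks must arrive there as one literal word. The following is an added example, not part of IBM's bulletin: shell helpers (the names sq, remote_extract_cmd, remote_create_cmd, push_file and pull_file are hypothetical) that single-quote-escape the path arguments before building the same command lines.

```shell
#!/bin/sh
# Added example (not from the IBM bulletin). Helper names are hypothetical.
# ssh joins its command arguments into one string that the remote login
# shell parses, so every path must reach it as a single quoted word.

# sq STRING: print STRING wrapped in single quotes, with each embedded
# single quote rewritten as '\'' so the remote shell expands nothing.
sq() {
    s=$1
    out=
    while :; do
        case $s in
            *\'*)
                head=${s%%\'*}      # text before the first single quote
                s=${s#*\'}          # text after it
                out="$out$head'\\''"
                ;;
            *) break ;;
        esac
    done
    printf "'%s'" "$out$s"
}

# Command strings for the remote side. "--" stops option parsing for names
# that start with "-"; "&&" keeps tar from running if cd fails.
remote_extract_cmd() { printf 'tar zxf - -C %s' "$(sq "$1")"; }
remote_create_cmd()  { printf 'cd -- %s && tar zcf - -- %s' "$(sq "$1")" "$(sq "$2")"; }

# push_file LOCAL_DIR NAME USER@HOST REMOTE_DIR  (NAME may be a file or directory)
push_file() {
    (cd -- "$1" && tar zcf - -- "$2") | ssh -- "$3" "$(remote_extract_cmd "$4")"
}

# pull_file USER@HOST REMOTE_DIR NAME LOCAL_DIR
pull_file() {
    ssh -- "$1" "$(remote_create_cmd "$2" "$3")" | tar zxf - -C "$4"
}
```

With these helpers, `push_file /root/local_dir simple.txt root@ha2 /root/remote_dir` performs the first example's copy.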

CPE:

Name | Operator | Version |
---|---|---|
ibm puredata system | eq | any |