Any user authorized to connect to an SSH server using sshproxy can inject options into the `ssh` command executed by sshproxy.

All versions of sshproxy are impacted.

The problem is patched starting with version 1.6.3.

The only workaround is to use the `force_command` option in `sshproxy.yaml`, but it’s rarely relevant.
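An added example (not sshproxy's code, and not a description of its 1.6.3 patch): one general way for a Go wrapper to build the `ssh` argument list so that user-controlled strings cannot be parsed as client options. `buildSSHArgs`, its parameters and the sample values are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// buildSSHArgs assembles the argv for an ssh client started on behalf of a user.
// fixedOpts come from trusted configuration; dest and userCmd are untrusted.
// Hypothetical helper for illustration, not part of sshproxy.
func buildSSHArgs(fixedOpts []string, dest, userCmd string) ([]string, error) {
	// A destination starting with '-' would be read as an option by the client.
	if dest == "" || strings.HasPrefix(dest, "-") {
		return nil, errors.New("destination is empty or starts with '-'")
	}
	// Whitespace or NUL in a destination has no legitimate use here.
	if strings.ContainsAny(dest, " \t\r\n\x00") {
		return nil, errors.New("destination contains whitespace or NUL")
	}
	if strings.ContainsRune(userCmd, 0) {
		return nil, errors.New("command contains NUL")
	}
	// Copy the trusted options so the caller's slice is never modified.
	args := append([]string{}, fixedOpts...)
	// "--" ends option parsing: nothing after it is treated as an ssh option.
	args = append(args, "--", dest)
	if userCmd != "" {
		// Keep the user's command as ONE argv element. Splitting it on
		// whitespace would create separate elements the user controls.
		args = append(args, userCmd)
	}
	return args, nil
}

func main() {
	// Constructed sample input: the requested command begins with a dash.
	args, err := buildSSHArgs([]string{"-o", "BatchMode=yes"}, "user@node1", "-v uptime")
	if err != nil {
		fmt.Println("rejected:", err)
		return
	}
	fmt.Printf("%q\n", args)
}
```

Pass the resulting slice to `exec.Command("ssh", args...)` directly, never through a shell, so the elements reach the client exactly as built.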
| CPE | Name | Operator | Version |
|---|---|---|---|
| | github.com/cea-hpc/sshproxy | lt | 1.6.3 |