CVSS3: 4.8 Medium
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
AI Score: 7 High
Confidence: High
EPSS: 0.0004 Low
Percentile: 15.7%
libssh.so is vulnerable to command injection. The hostname parameter is insufficiently validated during URI parsing, which allows attackers to use the ProxyCommand or ProxyJump features to inject malicious code through the unchecked hostname parameter on the client.
access.redhat.com/errata/RHSA-2024:2504
access.redhat.com/errata/RHSA-2024:3233
access.redhat.com/security/cve/CVE-2023-6004
bugzilla.redhat.com/show_bug.cgi?id=2251110
git.libssh.org/projects/libssh.git/commit/?id=95c6f880ef1539635bb82a134f7b8a06a46887ca
lists.fedoraproject.org/archives/list/[email protected]/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
security.netapp.com/advisory/ntap-20240223-0004/
www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/
www.libssh.org/security/advisories/CVE-2023-6004.txt