6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.5 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
67.5%
OpenSSH is susceptible to an OS command injection flaw because it fails to adequately validate user names or host names that include shell metacharacters. This flaw enables attackers to exploit these names through an expansion token in certain scenarios, such as when a submodule in an untrusted Git repository uses a user name or host name with these special characters, potentially resulting in command injection.
seclists.org/fulldisclosure/2024/Mar/21
www.openwall.com/lists/oss-security/2023/12/26/4
github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
lists.debian.org/debian-lts-announce/2023/12/msg00017.html
secdb.alpinelinux.org/v3.17/main.yaml
security.gentoo.org/glsa/202312-17
security.netapp.com/advisory/ntap-20240105-0005/
support.apple.com/kb/HT214084
vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
www.debian.org/security/2023/dsa-5586
www.openssh.com/txt/release-9.6
www.openwall.com/lists/oss-security/2023/12/18/2
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.5 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
67.5%