Detections
Analytics

CVE-2018-7750

critical

Description

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.

References

https://www.exploit-db.com/exploits/45712/

https://usn.ubuntu.com/3603-2/

https://usn.ubuntu.com/3603-1/

https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html

https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html

https://github.com/paramiko/paramiko/issues/1175

https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516

https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst

https://access.redhat.com/errata/RHSA-2018:1972

https://access.redhat.com/errata/RHSA-2018:1525

https://access.redhat.com/errata/RHSA-2018:1328

https://access.redhat.com/errata/RHSA-2018:1274

https://access.redhat.com/errata/RHSA-2018:1213

https://access.redhat.com/errata/RHSA-2018:1125

https://access.redhat.com/errata/RHSA-2018:1124

https://access.redhat.com/errata/RHSA-2018:0646

https://access.redhat.com/errata/RHSA-2018:0591

http://www.securityfocus.com/bid/103713

Details

Source: Mitre, NVD

Published: 2018-03-13

Updated: 2022-04-18

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical