Amazon Linux 2 : openssh (ALAS-2023-2376)

high Nessus Plugin ID 187063

Version 1.7

Dec 12, 2024, 9:55 AM

  • CVSS metrics ("Cvssv4 score" set to 9.3)
  • CVSS metrics ("Cvssv4 threat vector" set to "CVSS:4.0/E:P")
  • CVSS metrics ("Cvssv4 vector" set to "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N")
  • Detection (updated detection logic)
  • Plugin metadata

Plugin Feed: 202412120955

Version 1.6

Dec 29, 2023, 4:38 PM

  • CVSS metrics ("CVSSv2 score" set to 5.4. "CVSSv3 score" set to 5.9. "CVSSv2 vector" set to "CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N". "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N")
  • CVSSv2 severity (based on CVE-2023-48795, severity decreased from "High" to "Medium")
  • CVSSv3 severity (based on None, severity decreased from "High" to "Medium")

Plugin Feed: 202312291638

Version 1.5

Dec 22, 2023, 1:07 PM

  • IAVM reference
  • STIG Severity

Plugin Feed: 202312221307

Version 1.4

Dec 21, 2023, 2:29 PM

  • CVSS metrics ("CVSSv3 score" set to 9.1. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H")

Plugin Feed: 202312211429

Version 1.4

Dec 22, 2023, 10:57 AM

  • IAVM reference
  • STIG Severity (set to "II")

Plugin Feed: 202312221057

Version 1.3

Dec 20, 2023, 2:36 PM

  • CVSS metrics ("CVSSv2 score" set to 9.0. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv3 score" set to 9.8. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:P")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202312201436

Version 1.3

Dec 21, 2023, 12:32 PM

  • CVSS metrics ("CVSSv3 score" set to 9.1)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H")

Plugin Feed: 202312211232

Version 1.2

Dec 20, 2023, 8:48 AM

  • Plugin metadata

Plugin Feed: 202312200848

Version 1.2

Dec 20, 2023, 12:39 PM

  • CVSS metrics ("CVSSv2 score" set to 9.0)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:P")
  • CVSS metrics ("CVSSv3 score" set to 9.8)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202312201239

Version 1.1

Dec 19, 2023, 8:16 PM

  • CVSS metrics ("CVSSv2 score" set to 7.5. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N". "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P". "CVSSv3 score" set to 7.5)
  • CVSSv2 severity (based on CVE-2023-48795, severity increased from "Medium" to "High")

Plugin Feed: 202312192016

Version 1.0

Dec 19, 2023, 12:08 AM

  • New

Plugin Feed: 202312190008

* Changelogs are generally available for changes made after Nov 1, 2022