CVE-2024-34713

May 14, 2024, 7:17 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

sshproxy

  • 1.6.3 and later

sshproxy

  • before 1.6.3

Source

security-advisories@github.com

CVE-2024-34713 details

Published : May 14, 2024, 4:17 p.m.
Last Modified : May 14, 2024, 7:17 p.m.

Description

sshproxy is used on a gateway to transparently proxy a user's SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to an SSH server using `sshproxy` can inject options into the `ssh` command executed by `sshproxy`. All versions of `sshproxy` are impacted. The problem is patched starting in version 1.6.3. The only workaround is to use the `force_command` option in `sshproxy.yaml`, but it's rarely relevant.

CVSS Score

3.5

CVSS Data

Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : LOW
Scope : UNCHANGED
Confidentiality Impact : LOW
Integrity Impact : NONE
Availability Impact : NONE
Base Score : 3.5
Exploitability Score :
Impact Score :
Base Severity : LOW

This website uses the NVD API, but is not approved or certified by it.