CVE-2018-15919 — Sensitive Information Exposure in Openssh

CWE-200 — Sensitive Information Exposure8 documents7 sources

Severity

5.3MEDIUMNVD

EPSS

2.1%

top 16.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedAug 28

Latest updateMay 14

Description

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDopenbsd/openssh5.9 — 7.8

Patches

Patch: seclists.org ↗Patch: seclists.org ↗

🔴Vulnerability Details

GHSA

GHSA-rj3q-q9f3-gr2v: Remotely observable behaviour in auth-gss2↗2022-05-14

▶

CVEList

CVE-2018-15919: Remotely observable behaviour in auth-gss2↗2018-08-28

▶

OSV

CVE-2018-15919: Remotely observable behaviour in auth-gss2↗2018-08-28

▶

📋Vendor Advisories

Red Hat

openssh: User enumeration via malformed packets in authentication requests↗2018-08-28

▶

Debian

CVE-2018-15919: openssh - Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be use...↗2018

▶

💬Community

Bugzilla

CVE-2018-15919 openssh: User enumeration via malformed packets in authentication requests↗2018-08-28

▶

Bugzilla

CVE-2018-15919 openssh: User enumeration via malformed packets in authentication requests [fedora-all]↗2018-08-28

▶