⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.
CVE-2018-20685 — Incorrect Authorization in OpenSSH
Severity
5.3 MEDIUM (NVD)
EPSS
3.4%
top 12.60%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
Published: Jan 10
Latest update: May 13
Description
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Exploitability: 1.6 | Impact: 3.6
Affected Packages: 12 packages
Also affects: Debian Linux 8.0, 9.0; Ubuntu Linux 14.04, 16.04, 18.04, 18.10; Enterprise Linux 7.0, 8.0, 8.1, 8.2, 8.4, 8.6