CVE-2021-41617

CWE-269 — Improper Privilege Management CWE-27310 documents8 sources

Severity

7.0HIGH

EPSS

0.3%

top 49.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh Fedoraproject Fedora Oracle Http Server +2 more

Timeline

PublishedSep 26

Latest updateJan 3

Description

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages6 packages

▶NVDopenbsd/openssh6.2 — 8.8

▶Debianopenssh< 1:8.4p1-5+deb11u3+3

▶Ubuntuopenssh< 1:8.2p1-4ubuntu0.11+1

▶NVDoracle/http_server12.2.1.2.0, 12.2.1.3.0, 12.2.1.4.0+2

▶NVDoracle/zfs_storage_appliance_kit8.8

Also affects: Fedora 33, 34, 35

Patches

Patch: bugzilla.suse.com ↗Patch: www.oracle.com ↗Patch: bugzilla.suse.com ↗

🔴Vulnerability Details

OSV

openssh vulnerabilities↗2024-01-03

▶

GHSA

GHSA-mxh4-p4w6-g844: sshd in OpenSSH 6↗2022-05-24

▶

CVEList

CVE-2021-41617: sshd in OpenSSH 6↗2021-09-26

▶

OSV

CVE-2021-41617: sshd in OpenSSH 6↗2021-09-26

▶

📋Vendor Advisories

Ubuntu

OpenSSH vulnerabilities↗2024-01-03

▶

Ubuntu

OpenSSH vulnerability↗2022-10-10

▶

Red Hat

openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured↗2021-09-26

▶

Microsoft

sshd in OpenSSH 6.2 through 8.x before 8.8 when certain non-default configurations are used allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for↗2021-09-14

▶

Debian

CVE-2021-41617: openssh - sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurati...↗2021

▶