CVE-2023-51384
published 2023-12-18CVE-2023-51384: In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of…
PriorityP424medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.43%
34.1th percentile
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_sonoma | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | openssh | < openssh 1:9.2p1-2+deb12u2 (bookworm) | openssh 1:9.2p1-2+deb12u2 (bookworm) |
| msrc | azl3_openssh_9.5p1-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_openssh_9.7p1-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_openssh_8.9p1-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| openbsd | openssh | >= 0 < 1:9.2p1-2+deb12u2 | 1:9.2p1-2+deb12u2 |
| openbsd | openssh | >= 0 < 1:9.6p1-1 | 1:9.6p1-1 |
| openbsd | openssh | >= 0 < 1:9.6p1-1 | 1:9.6p1-1 |
| openbsd | openssh | >= 0 < 1:8.2p1-4ubuntu0.11 | 1:8.2p1-4ubuntu0.11 |
| openbsd | openssh | >= 0 < 1:8.9p1-3ubuntu0.6 | 1:8.9p1-3ubuntu0.6 |
| openbsd | openssh | >= 8.9 < 9.6 | 9.6 |
| paloalto | pan-os | — | — |
| paloalto | prisma_sd | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv7.0HIGH
vendor_ubuntu7.0HIGH
vendor_debian5.5MEDIUM
vendor_msrc5.5MEDIUM
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
openssh vulnerabilities
osv·2024-01-03·CVSS 7.0
CVE-2021-41617 [HIGH] openssh vulnerabilities
openssh vulnerabilities
It was discovered that OpenSSH incorrectly handled supplemental groups when
running helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand as a different user. An attacker could possibly
use this issue to escalate privileges. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-41617)
It was discovered that OpenSSH incorrectly added destination constraints
when PKCS#11 token keys were added to ssh-agent, contrary to expectations.
This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-51384)
It was discovered that OpenSSH incorrectly handled user names or host names
with shell metacharacters. An attacker could possibly use this issue to
perform OS command injection. (CVE-2023-51385)
GHSA
GHSA-44xq-r8h3-q4q6: In ssh-agent in OpenSSH before 9
ghsa_unreviewed·2023-12-18
CVE-2023-51384 [MEDIUM] GHSA-44xq-r8h3-q4q6: In ssh-agent in OpenSSH before 9
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
OSV
CVE-2023-51384: In ssh-agent in OpenSSH before 9
osv·2023-12-18·CVSS 5.5
CVE-2023-51384 [MEDIUM] CVE-2023-51384: In ssh-agent in OpenSSH before 9
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CISA ICS
Siemens SIMATIC S7-1500 CPU Family
cisa_ics·2025-06-12
Siemens SIMATIC S7-1500 CPU Family
ICS Advisory
##
Siemens SIMATIC S7-1500 CPU Family
Release DateJune 12, 2025
Alert CodeICSA-25-162-05
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC S7-1500 CPU family
- Vulnerabilities: Missing Encryption of Sensitive Data, Out-of-bounds Read, Use After Free, Stack-
CISA ICS
Siemens SCALANCE W700
cisa_ics·2025-02-13
Siemens SCALANCE W700
ICS Advisory
##
Siemens SCALANCE W700
Release DateFebruary 13, 2025
Alert CodeICSA-25-044-09
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE W700
- Vulnerabilities: Double Free, Improper Restriction of Communication Channel to Intended Endpoints, Improper Resource Sh
Palo Alto
PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
vendor_paloalto·2024-04-05·CVSS 4.3
CVE-2007-2768 [MEDIUM] PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Prisma SD-WAN ION. While Prisma SD-WAN ION may include the
CVEs: CVE-2007-2768, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-20012, CVE-2016-8858, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2020-12062, CVE-2021-41617, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-28531, CVE-2023-38408, CVE-2023-51384, CVE-2023-51385, CVE-2023-51767
Affected products: Prisma SD
Apple
CVE-2023-51384: macOS Sonoma 14.4
vendor_apple·2024-03-07·CVSS 5.5
CVE-2023-51384 [MEDIUM] CVE-2023-51384: macOS Sonoma 14.4
Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
CVE: CVE-2023-51384
Component: CVE-2023-51384
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-02-14·CVSS 9.8
CVE-2017-18342 [CRITICAL] PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2017-18342, CVE-2017-8923, CVE-2017-9120, CVE-2019-1551, CVE-2019-16865, CVE-2019-16905, CVE-2019-19523, CVE-2019-19528, CVE-2019-19911, CVE-2020-0404, CVE-2020-0431, CVE-2020-0466, CVE-2020-10379, CVE-2020-11538, CVE-2020-11608, CVE-2020-12114, CVE-2020-12321, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-13757, CVE-2020-14314, CVE-2020-14351, CVE-2020-15778, CVE-2020-1967, CVE-2020-24394, CVE-2020-24504, CVE-2020-25211, CVE-2020-25212, CVE-2020-25284, CVE-2020-25285, CVE-2020-25717, CVE-2020-26541, CVE-2020-2715
Ubuntu
OpenSSH vulnerabilities
vendor_ubuntu·2024-01-03·CVSS 7.0
CVE-2021-41617 [HIGH] OpenSSH vulnerabilities
Title: OpenSSH vulnerabilities
Summary: Several security issues were fixed in OpenSSH.
It was discovered that OpenSSH incorrectly handled supplemental groups when
running helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand as a different user. An attacker could possibly
use this issue to escalate privileges. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-41617)
It was discovered that OpenSSH incorrectly added destination constraints
when PKCS#11 token keys were added to ssh-agent, contrary to expectations.
This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-51384)
It was discovered that OpenSSH incorrectly handled user names or host names
with shell metacharacters. An attacker could possibly use this issue to
perform OS command injection.
Red Hat
openssh: destination constraints only apply to first PKCS#11 key
vendor_redhat·2023-12-18·CVSS 5.5
CVE-2023-51384 [MEDIUM] CWE-304 openssh: destination constraints only apply to first PKCS#11 key
openssh: destination constraints only apply to first PKCS#11 key
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
A flaw was found in OpenSSH. When specifying destination constraints while adding PKCS#11-hosted private keys, the constraints only apply to the first key even in cases where the token returns multiple keys.
Statement: This vulnerability only applies to instances where destination constraints are defined and multiple keys are returned from a PKCS#11 token. Use of regular private keys, FIDO tokens and unconstrained keys are unaffected.
The a
Microsoft
In ssh-agent in OpenSSH before 9.6 certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys these constrai
vendor_msrc·2023-12-12·CVSS 5.5
CVE-2023-51384 [MEDIUM] In ssh-agent in OpenSSH before 9.6 certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys these constrai
In ssh-agent in OpenSSH before 9.6 certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys these constraints are only applied to the first key even if a PKCS#11 token returns multiple keys.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for
Debian
CVE-2023-51384: openssh - In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incom...
vendor_debian·2023·CVSS 5.5
CVE-2023-51384 [MEDIUM] CVE-2023-51384: openssh - In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incom...
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
Scope: local
bookworm: resolved (fixed in 1:9.2p1-2+deb12u2)
bullseye: resolved
forky: resolved (fixed in 1:9.6p1-1)
sid: resolved (fixed in 1:9.6p1-1)
trixie: resolved (fixed in 1:9.6p1-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2024/Mar/21https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754bhttps://security.netapp.com/advisory/ntap-20240105-0005/https://support.apple.com/kb/HT214084https://www.debian.org/security/2023/dsa-5586https://www.openssh.com/txt/release-9.6https://www.openwall.com/lists/oss-security/2023/12/18/2http://seclists.org/fulldisclosure/2024/Mar/21https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754bhttps://security.netapp.com/advisory/ntap-20240105-0005/https://support.apple.com/kb/HT214084https://www.debian.org/security/2023/dsa-5586https://www.openssh.com/txt/release-9.6https://www.openwall.com/lists/oss-security/2023/12/18/2https://cert-portal.siemens.com/productcert/html/ssa-082556.htmlhttps://cert-portal.siemens.com/productcert/html/ssa-769027.htmlhttps://cert-portal.siemens.com/productcert/html/ssa-794697.html
2023-12-18
Published