CVE-2023-51385 — OS Command Injection in Openssh

CWE-78 — OS Command Injection13 documents10 sources

Severity

6.5MEDIUMNVD

EPSS

16.5%

top 5.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh Debian Linux

Timeline

PublishedDec 18

Latest updateSep 16

Description

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

▶NVDopenbsd/openssh< 9.6

▶Debianopenbsd/openssh< 1:8.4p1-5+deb11u3+3

Also affects: Debian Linux 10.0, 11.0, 12.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

openssh vulnerabilities↗2024-01-03

▶

CVEList

CVE-2023-51385: In ssh in OpenSSH before 9↗2023-12-18

▶

GHSA

GHSA-5mq4-x9g5-4vc4: In ssh in OpenSSH before 9↗2023-12-18

▶

OSV

CVE-2023-51385: In ssh in OpenSSH before 9↗2023-12-18

▶

📋Vendor Advisories

Ubuntu

OpenSSH vulnerability↗2024-09-16

▶

Apple

CVE-2023-51385: macOS Sonoma 14.4↗2024-03-07

▶

Ubuntu

OpenSSH vulnerabilities↗2024-01-11

▶

Ubuntu

OpenSSH vulnerabilities↗2024-01-03

▶

Red Hat

openssh: potential command injection via shell metacharacters↗2023-12-18

▶

🕵️Threat Intelligence

Huntress

CVE-2023-51385 Vulnerability: Analysis, Impact, Mitigation | Huntress↗

▶