CVE-2020-15778

Опубликовано: 24 июл. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Средний

Описание

scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

Ссылки

https://access.redhat.com/errata/RHSA-2024:3166
https://github.com/cpandya2909/CVE-2020-15778/
Exploit
Third Party Advisory
https://news.ycombinator.com/item?id=25005567
Third Party Advisory
https://security.gentoo.org/glsa/202212-06
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200731-0007/
Third Party Advisory
https://www.openssh.com/security.html
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:3166
https://github.com/cpandya2909/CVE-2020-15778/
Exploit
Third Party Advisory
https://news.ycombinator.com/item?id=25005567
Third Party Advisory
https://security.gentoo.org/glsa/202212-06
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200731-0007/
Third Party Advisory
https://www.openssh.com/security.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*

Версия до 8.3 (исключая)

cpe:2.3:a:openbsd:openssh:8.3:-:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:8.3:p1:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*

Версия от 9.5 (включая)

cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*

cpe:2.3:o:broadcom:fabric_operating_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.66112

Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

CVE-2020-15778

CVSS3: 7.8

ubuntu

почти 5 лет назад

** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-15778

CVSS3: 7.8

redhat

почти 5 лет назад

CVE-2020-15778

CVSS3: 7.8

msrc

почти 5 лет назад

Описание отсутствует

CVE-2020-15778

CVSS3: 7.8

debian

почти 5 лет назад

scp in OpenSSH through 8.3p1 allows command injection in the scp.c tor ...

RLSA-2024:3166

rocky

около 2 месяцев назад

Moderate: openssh security update

EPSS

Процентиль: 98%

0.66112

Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-78