CVE-2019-14889

Опубликовано: 05 дек. 2019

Источник: redhat

CVSS3: 7.1

EPSS Низкий

Описание

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.

A flaw was found with the libssh API function ssh_scp_new(). A user able to connect to a server using SCP could execute arbitrary command using a user-provided path, leading to a compromise of the remote target.

Отчет

Red Hat Virtualization only uses libssh for client-side, not server-side where this vulnerability is present.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libssh2	Not affected
Red Hat Enterprise Linux 7	libssh2	Not affected
Red Hat Enterprise Linux 8	libssh2	Not affected
Red Hat Virtualization 4	libssh	Not affected
Red Hat Enterprise Linux 8	libssh	Fixed	RHSA-2020:4545	04.11.2020
Red Hat Enterprise Linux 8	libssh	Fixed	RHSA-2020:4545	04.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-78

https://bugzilla.redhat.com/show_bug.cgi?id=1772523libssh: unsanitized location in scp could lead to unwanted command execution

EPSS

Процентиль: 79%

0.0123

Низкий

7.1 High

CVSS3

Связанные уязвимости

CVE-2019-14889

CVSS3: 8.8

ubuntu

около 6 лет назад

CVE-2019-14889

CVSS3: 8.8

nvd

около 6 лет назад

CVE-2019-14889

CVSS3: 8.8

debian

около 6 лет назад

A flaw was found with the libssh API function ssh_scp_new() in version ...

openSUSE-SU-2020:0102-1

suse-cvrf

около 6 лет назад

Security update for libssh

openSUSE-SU-2019:2689-1

suse-cvrf

около 6 лет назад

Security update for libssh

EPSS

Процентиль: 79%

0.0123

Низкий

7.1 High

CVSS3