Опубликовано: 12 мар. 2018
Источник: ubuntu
Приоритет: high
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8
Описание
The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 1.12.2-1 |
| disco | ignored | end of life |
| eoan | not-affected | 1.12.2-1 |
| esm-apps/bionic | released | 1.11.1-1ubuntu0.1~esm1 |
| esm-apps/focal | not-affected | 1.12.2-1 |
| esm-apps/jammy | not-affected | 1.12.2-1 |
| esm-apps/xenial | ignored | no |
Показывать по
10
EPSS
Процентиль: 59%
0.00389
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
почти 8 лет назад
The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step.
CVSS3: 9.8
debian
почти 8 лет назад
The SSH server implementation of AsyncSSH before 1.12.1 does not prope ...
EPSS
Процентиль: 59%
0.00389
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3