exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2023-51767

больше 1 года назад

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVSS3: 7

EPSS: Низкий

CVE-2023-51767

больше 1 года назад

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVSS3: 7

EPSS: Низкий

CVE-2023-51767

больше 1 года назад

OpenSSH through 9.6, when common types of DRAM are used, might allow r ...

CVSS3: 7

EPSS: Низкий

GHSA-27q9-h529-q4g3

больше 1 года назад

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVSS3: 7

EPSS: Низкий

BDU:2024-00107

больше 1 года назад

Уязвимость функции mm_answer_authpassword() cредства криптографической защиты OpenSSH, позволяющая нарушителю реализовать атаку Rowhammer и обойти процедуру аутентификации

CVSS3: 7

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.	CVSS3: 7	0% Низкий	больше 1 года назад
CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.	CVSS3: 7	0% Низкий	больше 1 года назад
CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow r ...	CVSS3: 7	0% Низкий	больше 1 года назад
GHSA-27q9-h529-q4g3 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.	CVSS3: 7	0% Низкий	больше 1 года назад
BDU:2024-00107 Уязвимость функции mm_answer_authpassword() cредства криптографической защиты OpenSSH, позволяющая нарушителю реализовать атаку Rowhammer и обойти процедуру аутентификации	CVSS3: 7	0% Низкий	больше 1 года назад

Уязвимостей на страницу