GSD-2022-45047
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-45047",
"description": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.",
"id": "GSD-2022-45047",
"references": [
"https://access.redhat.com/errata/RHSA-2022:8957",
"https://access.redhat.com/errata/RHSA-2023:0074",
"https://www.suse.com/security/cve/CVE-2022-45047.html",
"https://access.redhat.com/errata/RHSA-2023:0552",
"https://access.redhat.com/errata/RHSA-2023:0553",
"https://access.redhat.com/errata/RHSA-2023:0554",
"https://access.redhat.com/errata/RHSA-2023:0556",
"https://access.redhat.com/errata/RHSA-2023:0560",
"https://access.redhat.com/errata/RHSA-2023:0713",
"https://access.redhat.com/errata/RHSA-2023:0758",
"https://access.redhat.com/errata/RHSA-2023:0777",
"https://access.redhat.com/errata/RHSA-2023:1043",
"https://access.redhat.com/errata/RHSA-2023:1044",
"https://access.redhat.com/errata/RHSA-2023:1045",
"https://access.redhat.com/errata/RHSA-2023:1047",
"https://access.redhat.com/errata/RHSA-2023:1049",
"https://access.redhat.com/errata/RHSA-2023:1064"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-45047"
],
"details": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.",
"id": "GSD-2022-45047",
"modified": "2023-12-13T01:19:24.616296Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-45047",
"STATE": "PUBLIC",
"TITLE": "Apache MINA SSHD: Java unsafe deserialization vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache MINA SSHD",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.9.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "The Apache MINA SSHD team would like to thank Zhang Zewei, NOFOCUS, for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "important"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"refsource": "MISC",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20240216-0008/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20240216-0008/"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "eng",
"value": "For Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser)."
},
{
"lang": "eng",
"value": "The issue was fixed in Apache MINA SSHD 2.9.2. "
}
]
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,2.9.2)",
"affected_versions": "All versions before 2.9.2",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-502",
"CWE-937"
],
"date": "2022-11-21",
"description": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.",
"fixed_versions": [
"2.9.2"
],
"identifier": "CVE-2022-45047",
"identifiers": [
"GHSA-fhw8-8j55-vwgq",
"CVE-2022-45047"
],
"not_impacted": "All versions starting from 2.9.2",
"package_slug": "maven/org.apache.sshd/sshd-common",
"pubdate": "2022-11-16",
"solution": "Upgrade to version 2.9.2 or above.",
"title": "Deserialization of Untrusted Data",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"https://github.com/apache/mina-sshd/commit/03238d51586f6b3c0bdbb1a23cf16799344d6c32",
"https://github.com/apache/mina-sshd/commit/5a8fe830b2a2308a2b24ac8115a391af477f64f5",
"https://github.com/advisories/GHSA-fhw8-8j55-vwgq"
],
"uuid": "36ad34aa-63c5-40c5-a965-4724df7ecddd"
},
{
"affected_range": "(,2.1.0)",
"affected_versions": "All versions before 2.1.0",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-502",
"CWE-937"
],
"date": "2023-08-18",
"description": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.",
"fixed_versions": [
"2.9.2"
],
"identifier": "CVE-2022-45047",
"identifiers": [
"GHSA-fhw8-8j55-vwgq",
"CVE-2022-45047"
],
"not_impacted": "All versions starting from 2.1.0",
"package_slug": "maven/org.apache.sshd/sshd-core",
"pubdate": "2022-11-16",
"solution": "Upgrade to version 2.9.2 or above.",
"title": "Deserialization of Untrusted Data",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"https://github.com/apache/mina-sshd/commit/03238d51586f6b3c0bdbb1a23cf16799344d6c32",
"https://github.com/apache/mina-sshd/commit/5a8fe830b2a2308a2b24ac8115a391af477f64f5",
"https://github.com/apache/mina-sshd/commit/10de190e7d3f9189deb76b8d08c72334a1fe2df0",
"https://github.com/advisories/GHSA-fhw8-8j55-vwgq"
],
"uuid": "ff844e91-ea5b-4777-9f38-8455a6751ba5"
},
{
"affected_range": "(,2.9.2)",
"affected_versions": "All versions before 2.9.2",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-502",
"CWE-937"
],
"date": "2022-11-18",
"description": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.",
"fixed_versions": [
"2.9.2"
],
"identifier": "CVE-2022-45047",
"identifiers": [
"CVE-2022-45047"
],
"not_impacted": "All versions starting from 2.9.2",
"package_slug": "maven/org.apache.sshd/sshd",
"pubdate": "2022-11-16",
"solution": "Upgrade to version 2.9.2 or above.",
"title": "Deserialization of Untrusted Data",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
],
"uuid": "3724cb12-df77-481a-ba28-a473aaf237a9"
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0F9FD-039D-4097-979B-9242276B1DD3",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD \u003c= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server."
},
{
"lang": "es",
"value": "La clase org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider en Apache MINA SSHD anteriore a la versi\u00f3n 2.9.1 usa la deserializaci\u00f3n de Java para cargar una java.security.PrivateKey serializada. La clase es una de varias implementaciones que un implementador que usa Apache MINA SSHD puede elegir para cargar las claves de host de un servidor SSH."
}
],
"id": "CVE-2022-45047",
"lastModified": "2024-02-16T13:15:09.513",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-16T09:15:14.320",
"references": [
{
"source": "security@apache.org",
"url": "https://security.netapp.com/advisory/ntap-20240216-0008/"
},
{
"source": "security@apache.org",
"url": "https://www.mail-archive.com/dev%40mina.apache.org/msg39312.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…