wid-sec-w-2023-3174
Vulnerability from csaf_certbund
Published
2023-12-18 23:00
Modified
2024-07-24 22:00
Summary
SSH Protokoll: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
PuTTY ist ein freier, Open Source Terminal Emulator der als Client für SSH, Telnet, rlogin und die Serielle Konsole dient.
libssh ist eine C Bibliothek für das Anbieten von SSH Diensten auf Client- und Serverseite. Sie kann genutzt werden, um aus der Ferne Programme auszuführen, Dateien zu übertragen oder als sicherer und transparenter Tunnel für entfernte Programme genutzt werden.
Amazon Linux ist eine Linux Distribition, die für Amazon Clouddienste optimiert ist.
Fedora ist eine von Red Hat abstammende Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle im SSH Protokoll ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Appliance
- Hardware Appliance
- Linux
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.\r\nPuTTY ist ein freier, Open Source Terminal Emulator der als Client f\u00fcr SSH, Telnet, rlogin und die Serielle Konsole dient.\r\nlibssh ist eine C Bibliothek f\u00fcr das Anbieten von SSH Diensten auf Client- und Serverseite. Sie kann genutzt werden, um aus der Ferne Programme auszuf\u00fchren, Dateien zu \u00fcbertragen oder als sicherer und transparenter Tunnel f\u00fcr entfernte Programme genutzt werden.\r\nAmazon Linux ist eine Linux Distribition, die f\u00fcr Amazon Clouddienste optimiert ist.\r\nFedora ist eine von Red Hat abstammende Linux-Distribution.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle im SSH Protokoll ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Appliance\n- Hardware Appliance\n- Linux\n- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-3174 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3174.json" }, { "category": "self", "summary": "WID-SEC-2023-3174 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3174" }, { "category": "external", "summary": "Debian Security Advisory DLA-3719 vom 2024-01-25", "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0210-1 vom 2024-01-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017749.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3718 vom 2024-01-25", "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:0628 vom 2024-02-12", "url": "https://errata.build.resf.org/RLSA-2024:0628" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0789 vom 2024-02-12", "url": "https://access.redhat.com/errata/RHSA-2024:0789" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0722 vom 2024-02-12", "url": "https://access.redhat.com/errata/RHSA-2024:0722" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:0606 vom 2024-02-12", "url": "https://errata.build.resf.org/RLSA-2024:0606" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0035-1 vom 2024-01-05", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017588.html" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20240105-0004 vom 2024-01-05", "url": "https://security.netapp.com/advisory/ntap-20240105-0004/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0455 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6598-1 vom 2024-01-25", "url": "https://ubuntu.com/security/notices/USN-6598-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0499 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0499" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0224-1 vom 2024-01-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017759.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0429 vom 2024-01-25", "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "category": "external", "summary": "Palo Alto Networks Security Advisory PAN-241547 vom 2024-01-09", "url": "https://security.paloaltonetworks.com/CVE-2023-48795" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-48AA5F1DAE vom 2024-01-08", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-48aa5f1dae" }, { "category": "external", "summary": "Juniper Advisory", "url": "https://supportportal.juniper.net/s/article/2024-01-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Impact-of-Terrapin-SSH-Attack-CVE-2023-48795" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1130 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1150 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1150" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0538 vom 2024-01-29", "url": "https://access.redhat.com/errata/RHSA-2024:0538" }, { "category": "external", "summary": "FortiGuard Labs PSIRT Advisory FG-IR-23-490 vom 2024-01-09", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-490" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-2705241461 vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-2705241461" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-7B08207CDB vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-7b08207cdb" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-AE653FB07B vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-ae653fb07b" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-FB32950D11 vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-fb32950d11" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-8D101D5E22 vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-8d101d5e22" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-E21A9204D2 vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-e21a9204d2" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-0D8D3B8DCC vom 2024-01-09", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-0d8d3b8dcc" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12158 vom 2024-02-14", "url": "https://linux.oracle.com/errata/ELSA-2024-12158.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0460-1 vom 2024-02-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017909.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12157 vom 2024-02-14", "url": "https://linux.oracle.com/errata/ELSA-2024-12157.html" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-091 vom 2024-03-12", "url": "https://www.dell.com/support/kbdoc/000222965/dsa-2024-=" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-6BC0AC05E1 vom 2024-03-11", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-6bc0ac05e1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7197 vom 2024-02-28", "url": "https://access.redhat.com/errata/RHSA-2023:7197" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0954 vom 2024-02-28", "url": "https://access.redhat.com/errata/RHSA-2024:0954" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7201 vom 2024-02-28", "url": "https://access.redhat.com/errata/RHSA-2023:7201" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7198 vom 2024-02-28", "url": "https://access.redhat.com/errata/RHSA-2023:7198" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12164 vom 2024-02-15", "url": "https://linux.oracle.com/errata/ELSA-2024-12164.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0594 vom 2024-01-30", "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0606 vom 2024-01-30", "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-7E301327C2 vom 2024-01-10", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-7e301327c2" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0625 vom 2024-01-31", "url": "https://access.redhat.com/errata/RHSA-2024:0625" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0628 vom 2024-01-31", "url": "https://access.redhat.com/errata/RHSA-2024:0628" }, { "category": "external", "summary": "Meinberg Security Advisory", "url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-01-lantime-firmware-v7-08-007.htm" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0843 vom 2024-02-15", "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "category": "external", "summary": "Debian Security Advisory DSA-5599 vom 2024-01-12", "url": "https://lists.debian.org/debian-security-announce/2024/msg00006.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5601 vom 2024-01-12", "url": "https://lists.debian.org/debian-security-announce/2024/msg00008.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6560-2 vom 2024-01-11", "url": "https://ubuntu.com/security/notices/USN-6560-2" }, { "category": "external", "summary": "Debian Security Advisory DSA-5600 vom 2024-01-12", "url": "https://lists.debian.org/debian-security-announce/2024/msg00007.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3730 vom 2024-02-01", "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00000.html" }, { "category": "external", "summary": "NIST Vulnerability Database vom 2023-12-18", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "Amazon Linux 1 Security Advisory vom 2023-12-18", "url": "https://alas.aws.amazon.com/ALAS-2023-1898.html" }, { "category": "external", "summary": "Amazon Linux 2 Security Advisory vom 2023-12-18", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2376.html" }, { "category": "external", "summary": "Fedora Advisory vom 2023-12-18", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0733306be9" }, { "category": "external", "summary": "Fedora Advisory vom 2023-12-18", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d296850e7e" }, { "category": "external", "summary": "Putty Latest News vom 2023-12-18", "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-0606 vom 2024-02-01", "url": "https://linux.oracle.com/errata/ELSA-2024-0606.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-0628 vom 2024-02-01", "url": "https://linux.oracle.com/errata/ELSA-2024-0628.html" }, { "category": "external", "summary": "IBM Security Bulletin 7125640 vom 2024-02-28", "url": "https://www.ibm.com/support/pages/node/7125640" }, { "category": "external", "summary": "SUSE CVE-2023-48795", "url": "https://www.suse.com/security/cve/CVE-2023-48795.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6585-1 vom 2024-01-15", "url": "https://ubuntu.com/security/notices/USN-6585-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6561-1 vom 2023-12-19", "url": "https://www.cybersecurity-help.cz/vdb/SB2023121948" }, { "category": "external", "summary": "FreeBSD Security Advisory FREEBSD-SA-23:19.OPENSSH vom 2023-12-19", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:19.openssh.asc" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6560-1 vom 2023-12-19", "url": "https://www.cybersecurity-help.cz/vdb/SB2023121949" }, { "category": "external", "summary": "FreeBSD Security Advisory FREEBSD-SA-23:19.OPENSSH vom 2023-12-19", "url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275845" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6561-1 vom 2023-12-19", "url": "https://ubuntu.com/security/notices/USN-6561-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6560-1 vom 2023-12-19", "url": "https://ubuntu.com/security/notices/USN-6560-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:4905-1 vom 2023-12-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017491.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:4904-1 vom 2023-12-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017492.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:4903-1 vom 2023-12-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017493.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:4902-1 vom 2023-12-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017494.html" }, { "category": "external", "summary": "Gitea Release Notes", "url": "https://blog.gitea.com/release-of-1.21.3/" }, { "category": "external", "summary": "Golang Announce Mailing List vom 2023-12-18", "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-CB8C606FBB vom 2023-12-20", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-cb8c606fbb" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-20FEB865D8 vom 2023-12-20", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-20feb865d8" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2023-7FF32FC746 vom 2023-12-20", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7ff32fc746" }, { "category": "external", "summary": "QNAP Security Advisory", "url": "https://www.qnap.com/de-de/security-advisory/qsa-24-06" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-153404713B vom 2023-12-21", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-153404713b" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-B87EC6CF47 vom 2023-12-21", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-b87ec6cf47" }, { "category": "external", "summary": "IGEL Security Notice ISN-2023-39 vom 2024-02-05", "url": "https://kb.igel.com/securitysafety/en/isn-2023-39-ssh-terrapin-vulnerability-112734047.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1196 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1196" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1197 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1197" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-1130 vom 2024-03-06", "url": "https://linux.oracle.com/errata/ELSA-2024-1130.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1192 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1192" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1194 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1194" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1193 vom 2024-03-06", "url": "https://access.redhat.com/errata/RHSA-2024:1193" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-7141950083 vom 2023-12-21", "url": "https://www.cybersecurity-help.cz/vdb/SB2023122119" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-7934EFB5E3 vom 2023-12-21", "url": "https://www.cybersecurity-help.cz/vdb/SB2023122122" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2023-B698D8C031 vom 2023-12-21", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b698d8c031" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:4946-1 vom 2023-12-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017514.html" }, { "category": "external", "summary": "LANCOM Allgemeine Sicherheitshinweise vom 2023-12-21", "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0327-1 vom 2024-02-05", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017866.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0880 vom 2024-02-20", "url": "https://access.redhat.com/errata/RHSA-2024:0880" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-1150 vom 2024-03-07", "url": "https://linux.oracle.com/errata/ELSA-2024-1150.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6589-1 vom 2024-01-18", "url": "https://www.cybersecurity-help.cz/vdb/SB2024011853" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0140-1 vom 2024-01-18", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017678.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6589-1 vom 2024-01-18", "url": "https://ubuntu.com/security/notices/USN-6589-1" }, { "category": "external", "summary": "Debian Security Advisory DSA-5588 vom 2023-12-24", "url": "https://www.debian.org/security/2023/dsa-5588" }, { "category": "external", "summary": "Debian Security Advisory DSA-5588 vom 2023-12-24", "url": "https://lists.debian.org/debian-security-announce/2023/msg00285.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3694 vom 2023-12-26", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5586 vom 2023-12-22", "url": "https://lists.debian.org/debian-security-announce/2023/msg00283.html" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-55800423A8 vom 2023-12-23", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-55800423a8" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1210 vom 2024-03-13", "url": "https://access.redhat.com/errata/RHSA-2024:1210" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202312-16 vom 2023-12-28", "url": "https://security.gentoo.org/glsa/202312-16" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202312-17 vom 2023-12-28", "url": "https://security.gentoo.org/glsa/202312-17" }, { "category": "external", "summary": "Debian Security Advisory DSA-5591 vom 2023-12-28", "url": "https://lists.debian.org/debian-security-announce/2023/msg00288.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0539-1 vom 2024-02-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017974.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0558-1 vom 2024-02-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017960.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0543-1 vom 2024-02-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017959.html" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-0355346550 vom 2023-12-31", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0355346550" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-11C0B9B06A vom 2024-01-21", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-11c0b9b06a" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-3FD1BC9276 vom 2024-01-21", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-3fd1bc9276" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-A53B24023D vom 2024-01-21", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-a53b24023d" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0430-1 vom 2024-02-08", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017891.html" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-F0D88B447F vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-f0d88b447f" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-39A8C72EA9 vom 2024-01-02", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39a8c72ea9" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-71C2C6526C vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-71c2c6526c" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-D946B9AD25 vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-d946b9ad25" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0006-1 vom 2024-01-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017579.html" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-B45B6EADA5 vom 2024-01-02", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-b45b6eada5" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-155A6AC298 vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-155a6ac298" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-EPEL-2024-3A29F0D349 vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-3a29f0d349" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-3BB23C77F3 vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-3bb23c77f3" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-06EBB70BDD vom 2024-01-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-06ebb70bdd" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1383 vom 2024-03-19", "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12233 vom 2024-03-19", "url": "https://linux.oracle.com/errata/ELSA-2024-12233.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12232 vom 2024-03-19", "url": "https://linux.oracle.com/errata/ELSA-2024-12232.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1433 vom 2024-03-20", "url": "https://access.redhat.com/errata/RHSA-2024:1433" }, { "category": "external", "summary": "IBM Security Bulletin 7144861 vom 2024-03-20", "url": "https://www.ibm.com/support/pages/node/7144861" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0974-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018187.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0972-1 vom 2024-03-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-March/018189.html" }, { "category": "external", "summary": "IBM Security Bulletin 7145046 vom 2024-03-25", "url": "https://www.cybersecurity-help.cz/vdb/SB2024032509" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1557 vom 2024-03-28", "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "category": "external", "summary": "Citrix Security Advisory CTX633181 vom 2024-03-28", "url": "https://support.citrix.com/article/CTX633181/hotfix-xs82ecu1063-for-citrix-hypervisor-82-cumulative-update-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1675 vom 2024-04-04", "url": "https://access.redhat.com/errata/RHSA-2024:1675" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1674 vom 2024-04-04", "url": "https://access.redhat.com/errata/RHSA-2024:1674" }, { "category": "external", "summary": "Dropbear Release 2024.84 vom 2024-04-04", "url": "https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2024q2/002365.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1677 vom 2024-04-04", "url": "https://access.redhat.com/errata/RHSA-2024:1677" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1676 vom 2024-04-04", "url": "https://access.redhat.com/errata/RHSA-2024:1676" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-021 vom 2024-04-06", "url": "https://www.dell.com/support/kbdoc/000221558/dsa-2024-=" }, { "category": "external", "summary": "IBM Security Bulletin 7148094 vom 2024-04-11", "url": "https://www.ibm.com/support/pages/node/7148094" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:1859 vom 2024-04-16", "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "external", "summary": "IBM Security Bulletin 7148398 vom 2024-04-16", "url": "https://www.ibm.com/support/pages/node/7148398" }, { "category": "external", "summary": "Jenkins Security Advisory", "url": "https://www.jenkins.io/security/advisory/2024-04-17/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6738-1 vom 2024-04-22", "url": "https://ubuntu.com/security/notices/USN-6738-1" }, { "category": "external", "summary": "Debian Security Advisory DLA-3794 vom 2024-04-25", "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html" }, { "category": "external", "summary": "Aruba Product Security Advisory ARUBA-PSA-2024-005 vom 2024-05-07", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-005.txt" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08", "url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-=" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2988 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:2988" }, { "category": "external", "summary": "openSUSE Security Update OPENSUSE-SU-2024:0135-1 vom 2024-05-22", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NJ4UKYMVT5L6QOJVM6JMV6AQINAVT4JW/" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28", "url": "https://linux.oracle.com/errata/ELSA-2024-2988.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3479 vom 2024-05-29", "url": "https://access.redhat.com/errata/RHSA-2024:3479" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2728 vom 2024-05-29", "url": "https://access.redhat.com/errata/RHSA-2024:2728" }, { "category": "external", "summary": "HPE Security Bulletin", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesb3p04641en_us" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3636 vom 2024-06-05", "url": "https://access.redhat.com/errata/RHSA-2024:3636" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3635 vom 2024-06-05", "url": "https://access.redhat.com/errata/RHSA-2024:3635" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3634 vom 2024-06-05", "url": "https://access.redhat.com/errata/RHSA-2024:3634" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3918 vom 2024-06-20", "url": "https://access.redhat.com/errata/RHSA-2024:3918" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4010 vom 2024-06-26", "url": "https://access.redhat.com/errata/RHSA-2024:4010" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202407-11 vom 2024-07-05", "url": "https://security.gentoo.org/glsa/202407-11" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202407-12 vom 2024-07-05", "url": "https://security.gentoo.org/glsa/202407-12" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4329 vom 2024-07-11", "url": "https://access.redhat.com/errata/RHSA-2024:4329" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4479 vom 2024-07-17", "url": "https://access.redhat.com/errata/RHSA-2024:4479" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4484 vom 2024-07-17", "url": "https://access.redhat.com/errata/RHSA-2024:4484" }, { "category": "external", "summary": "IBM Security Bulletin 7160492 vom 2024-07-17", "url": "https://www.ibm.com/support/pages/node/7160492" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-239 vom 2024-07-18", "url": "https://www.dell.com/support/kbdoc/de-de/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18", "url": "https://access.redhat.com/errata/RHSA-2024:4631" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4662 vom 2024-07-19", "url": "https://access.redhat.com/errata/RHSA-2024:4662" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4597 vom 2024-07-19", "url": "https://access.redhat.com/errata/RHSA-2024:4597" }, { "category": "external", "summary": "HPE Security Bulletin vom 2024-07-23", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04673en_us\u0026docLocale=en_US" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4613 vom 2024-07-25", "url": "https://access.redhat.com/errata/RHSA-2024:4613" } ], "source_lang": "en-US", "title": "SSH Protokoll: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen", "tracking": { "current_release_date": "2024-07-24T22:00:00.000+00:00", "generator": { "date": "2024-07-25T08:36:33.576+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-3174", "initial_release_date": "2023-12-18T23:00:00.000+00:00", "revision_history": [ { "date": "2023-12-18T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-12-19T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Ubuntu und FreeBSD aufgenommen" }, { "date": "2023-12-20T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2023-12-21T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Dropbear, Fedora und SUSE aufgenommen" }, { "date": "2023-12-26T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Debian und Fedora aufgenommen" }, { "date": "2023-12-27T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2023-12-28T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2024-01-01T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2024-01-02T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Fedora und SUSE aufgenommen" }, { "date": "2024-01-03T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2024-01-07T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von SUSE und NetApp aufgenommen" }, { "date": "2024-01-08T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Palo Alto Networks und Fedora aufgenommen" }, { "date": "2024-01-09T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Fortinet und Fedora aufgenommen" }, { "date": "2024-01-10T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2024-01-11T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Debian und Ubuntu aufgenommen" }, { "date": "2024-01-15T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-01-18T23:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Ubuntu und SUSE aufgenommen" }, { "date": "2024-01-21T23:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2024-01-24T23:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Debian und SUSE aufgenommen" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat, Ubuntu und SUSE aufgenommen" }, { "date": "2024-01-28T23:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-30T23:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-31T23:00:00.000+00:00", "number": "23", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2024-02-01T23:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-02-04T23:00:00.000+00:00", "number": "25", "summary": "Neue Updates von QNAP aufgenommen" }, { "date": "2024-02-05T23:00:00.000+00:00", "number": "26", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-08T23:00:00.000+00:00", "number": "27", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-12T23:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen" }, { "date": "2024-02-13T23:00:00.000+00:00", "number": "29", "summary": "Neue Updates von Oracle Linux und SUSE aufgenommen" }, { "date": "2024-02-14T23:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "31", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-20T23:00:00.000+00:00", "number": "32", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-27T23:00:00.000+00:00", "number": "33", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-02-28T23:00:00.000+00:00", "number": "34", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-03-05T23:00:00.000+00:00", "number": "35", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-03-06T23:00:00.000+00:00", "number": "36", "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen" }, { "date": "2024-03-07T23:00:00.000+00:00", "number": "37", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-03-11T23:00:00.000+00:00", "number": "38", "summary": "Neue Updates von Dell und Fedora aufgenommen" }, { "date": "2024-03-13T23:00:00.000+00:00", "number": "39", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-03-19T23:00:00.000+00:00", "number": "40", "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen" }, { "date": "2024-03-20T23:00:00.000+00:00", "number": "41", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-03-24T23:00:00.000+00:00", "number": "42", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-03-27T23:00:00.000+00:00", "number": "43", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-04-04T22:00:00.000+00:00", "number": "44", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-04-07T22:00:00.000+00:00", "number": "45", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-04-11T22:00:00.000+00:00", "number": "46", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-04-16T22:00:00.000+00:00", "number": "47", "summary": "Neue Updates von Red Hat und IBM aufgenommen" }, { "date": "2024-04-17T22:00:00.000+00:00", "number": "48", "summary": "Neue Updates aufgenommen" }, { "date": "2024-04-22T22:00:00.000+00:00", "number": "49", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-04-25T22:00:00.000+00:00", "number": "50", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2024-05-07T22:00:00.000+00:00", "number": "51", "summary": "Neue Updates von Aruba und Dell aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "52", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-05-28T22:00:00.000+00:00", "number": "53", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-05-30T22:00:00.000+00:00", "number": "54", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-06-02T22:00:00.000+00:00", "number": "55", "summary": "Neue Updates von HP aufgenommen" }, { "date": "2024-06-05T22:00:00.000+00:00", "number": "56", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-06-19T22:00:00.000+00:00", "number": "57", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-06-25T22:00:00.000+00:00", "number": "58", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-04T22:00:00.000+00:00", "number": "59", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2024-07-11T22:00:00.000+00:00", "number": "60", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-16T22:00:00.000+00:00", "number": "61", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-17T22:00:00.000+00:00", "number": "62", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-07-18T22:00:00.000+00:00", "number": "63", "summary": "Neue Updates von Dell und Red Hat aufgenommen" }, { "date": "2024-07-21T22:00:00.000+00:00", "number": "64", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-23T22:00:00.000+00:00", "number": "65", "summary": "Neue Updates von HP aufgenommen" }, { "date": "2024-07-24T22:00:00.000+00:00", "number": "66", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "66" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "T028903", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Aruba EdgeConnect", "product": { "name": "Aruba EdgeConnect", "product_id": "T027755", "product_identification_helper": { "cpe": "cpe:/a:aruba:edgeconnect:-" } } }, { "branches": [ { "category": "product_name", "name": "Aruba Switch", "product": { "name": "Aruba Switch", "product_id": "T024430", "product_identification_helper": { "cpe": "cpe:/h:arubanetworks:switch:aos-cx" } } }, { "category": "product_name", "name": "Aruba Switch", "product": { "name": "Aruba Switch", "product_id": "T033685", "product_identification_helper": { "cpe": "cpe:/h:arubanetworks:switch:-" } } } ], "category": "product_name", "name": "Switch" } ], "category": "vendor", "name": "Aruba" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "8.2", "product": { "name": "Citrix Systems Hypervisor 8.2", "product_id": "T029180", "product_identification_helper": { "cpe": "cpe:/o:citrix:hypervisor:8.2" } } } ], "category": "product_name", "name": "Hypervisor" } ], "category": "vendor", "name": "Citrix Systems" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c3.8.1.1", "product": { "name": "Dell ECS \u003c3.8.1.1", "product_id": "T036366", "product_identification_helper": { "cpe": "cpe:/h:dell:ecs:3.8.1.1" } } } ], "category": "product_name", "name": "ECS" }, { "branches": [ { "category": "product_version_range", "name": "vProxy OVA \u003c19.9.0.5", "product": { "name": "Dell NetWorker vProxy OVA \u003c19.9.0.5", "product_id": "T033357", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:vproxy_ova__19.9.0.5" } } }, { "category": "product_version", "name": "virtual", "product": { "name": "Dell NetWorker virtual", "product_id": "T034583", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:virtual" } } } ], "category": "product_name", "name": "NetWorker" }, { "branches": [ { "category": "product_version_range", "name": "iDRAC 8 \u003c2.86.86.86", "product": { "name": "Dell integrated Dell Remote Access Controller iDRAC 8 \u003c2.86.86.86", "product_id": "T033946", "product_identification_helper": { "cpe": "cpe:/h:dell:idrac:idrac_8__2.86.86.86" } } }, { "category": "product_version_range", "name": "iDRAC 9 \u003c7.00.00.171", "product": { "name": "Dell integrated Dell Remote Access Controller iDRAC 9 \u003c7.00.00.171", "product_id": "T033947", "product_identification_helper": { "cpe": "cpe:/h:dell:idrac:idrac_9__7.00.00.171" } } } ], "category": "product_name", "name": "integrated Dell Remote Access Controller" } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "7", "product": { "name": "Fortinet FortiOS 7.0", "product_id": "T031929", "product_identification_helper": { "cpe": "cpe:/o:fortinet:fortios:7.0" } } }, { "category": "product_version", "name": "7.2", "product": { "name": "Fortinet FortiOS 7.2", "product_id": "T031930", "product_identification_helper": { "cpe": "cpe:/o:fortinet:fortios:7.2" } } }, { "category": "product_version", "name": "7.4", "product": { "name": "Fortinet FortiOS 7.4", "product_id": "T031931", "product_identification_helper": { "cpe": "cpe:/o:fortinet:fortios:7.4" } } } ], "category": "product_name", "name": "FortiOS" } ], "category": "vendor", "name": "Fortinet" }, { "branches": [ { "category": "product_name", "name": "FreeBSD Project FreeBSD OS", "product": { "name": "FreeBSD Project FreeBSD OS", "product_id": "4035", "product_identification_helper": { "cpe": "cpe:/o:freebsd:freebsd:-" } } } ], "category": "vendor", "name": "FreeBSD Project" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "Golang Go", "product": { "name": "Golang Go", "product_id": "T029035", "product_identification_helper": { "cpe": "cpe:/a:golang:go:-" } } } ], "category": "vendor", "name": "Golang" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "7.3", "product": { "name": "IBM AIX 7.3", "product_id": "1139691", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:7.3" } } }, { "category": "product_version", "name": "7.2", "product": { "name": "IBM AIX 7.2", "product_id": "434967", "product_identification_helper": { "cpe": "cpe:/o:ibm:aix:7.2" } } } ], "category": "product_name", "name": "AIX" }, { "branches": [ { "category": "product_version", "name": "22.0.2", "product": { "name": "IBM Business Automation Workflow 22.0.2", "product_id": "T027961", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:22.0.2" } } }, { "category": "product_version", "name": "23.0.1", "product": { "name": "IBM Business Automation Workflow 23.0.1", "product_id": "T031216", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:23.0.1" } } }, { "category": "product_version", "name": "23.0.2", "product": { "name": "IBM Business Automation Workflow 23.0.2", "product_id": "T032497", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:23.0.2" } } } ], "category": "product_name", "name": "Business Automation Workflow" }, { "branches": [ { "category": "product_version", "name": "v10", "product": { "name": "IBM Power Hardware Management Console v10", "product_id": "T023373", "product_identification_helper": { "cpe": "cpe:/a:ibm:hardware_management_console:v10" } } } ], "category": "product_name", "name": "Power Hardware Management Console" }, { "branches": [ { "category": "product_version", "name": "7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } } ], "category": "product_name", "name": "QRadar SIEM" }, { "branches": [ { "category": "product_version", "name": "12", "product": { "name": "IBM Security Guardium 12.0", "product_id": "T031092", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_guardium:12.0" } } } ], "category": "product_name", "name": "Security Guardium" }, { "branches": [ { "category": "product_version", "name": "Plus 10.1", "product": { "name": "IBM Spectrum Protect Plus 10.1", "product_id": "T015895", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1" } } } ], "category": "product_name", "name": "Spectrum Protect" }, { "branches": [ { "category": "product_version", "name": "3.1", "product": { "name": "IBM VIOS 3.1", "product_id": "1039165", "product_identification_helper": { "cpe": "cpe:/a:ibm:vios:3.1" } } }, { "category": "product_version", "name": "4.1", "product": { "name": "IBM VIOS 4.1", "product_id": "1522854", "product_identification_helper": { "cpe": "cpe:/a:ibm:vios:4.1" } } } ], "category": "product_name", "name": "VIOS" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "IGEL OS", "product": { "name": "IGEL OS", "product_id": "T017865", "product_identification_helper": { "cpe": "cpe:/o:igel:os:-" } } } ], "category": "vendor", "name": "IGEL" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c2.452", "product": { "name": "Jenkins Jenkins \u003c2.452", "product_id": "T034285", "product_identification_helper": { "cpe": "cpe:/a:cloudbees:jenkins:2.452" } } }, { "category": "product_version_range", "name": "LTS \u003c2.440.3", "product": { "name": "Jenkins Jenkins LTS \u003c2.440.3", "product_id": "T034286", "product_identification_helper": { "cpe": "cpe:/a:cloudbees:jenkins:lts__2.440.3" } } } ], "category": "product_name", "name": "Jenkins" } ], "category": "vendor", "name": "Jenkins" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c19.4R3-S13", "product": { "name": "Juniper JUNOS \u003c19.4R3-S13", "product_id": "T032368", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:19.4r3-s13" } } }, { "category": "product_version_range", "name": "\u003c20.4R3-S10", "product": { "name": "Juniper JUNOS \u003c20.4R3-S10", "product_id": "T032369", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:20.4r3-s10" } } }, { "category": "product_version_range", "name": "\u003c21.4R3-S6", "product": { "name": "Juniper JUNOS \u003c21.4R3-S6", "product_id": "T032370", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:21.4r3-s6" } } }, { "category": "product_version_range", "name": "\u003c22.1R3-S5", "product": { "name": "Juniper JUNOS \u003c22.1R3-S5", "product_id": "T032371", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:22.1r3-s5" } } }, { "category": "product_version_range", "name": "\u003c22.2R3-S3", "product": { "name": "Juniper JUNOS \u003c22.2R3-S3", "product_id": "T032372", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:22.2r3-s3" } } }, { "category": "product_version_range", "name": "\u003c22.4R3-S1", "product": { "name": "Juniper JUNOS \u003c22.4R3-S1", "product_id": "T032373", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:22.4r3-s1" } } }, { "category": "product_version_range", "name": "\u003c23.2R2", "product": { "name": "Juniper JUNOS \u003c23.2R2", "product_id": "T032374", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:23.2r2" } } }, { "category": "product_version_range", "name": "\u003c23.4R2", "product": { "name": "Juniper JUNOS \u003c23.4R2", "product_id": "T032375", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:23.4r2" } } }, { "category": "product_version_range", "name": "\u003c24.1R1", "product": { "name": "Juniper JUNOS \u003c24.1R1", "product_id": "T032376", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:24.1r1" } } } ], "category": "product_name", "name": "JUNOS" } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "SX 4.20", "product": { "name": "LANCOM LCOS SX 4.20", "product_id": "T026553", "product_identification_helper": { "cpe": "cpe:/o:lancom:lcos:sx_4.20" } } }, { "category": "product_name", "name": "LANCOM LCOS", "product": { "name": "LANCOM LCOS", "product_id": "T026953", "product_identification_helper": { "cpe": "cpe:/o:lancom:lcos:-" } } }, { "category": "product_version", "name": "LX", "product": { "name": "LANCOM LCOS LX", "product_id": "T026954", "product_identification_helper": { "cpe": "cpe:/o:lancom:lcos:lx" } } }, { "category": "product_version", "name": "FX", "product": { "name": "LANCOM LCOS FX", "product_id": "T031787", "product_identification_helper": { "cpe": "cpe:/o:lancom:lcos:fx" } } }, { "category": "product_version", "name": "SX 5.20", "product": { "name": "LANCOM LCOS SX 5.20", "product_id": "T031788", "product_identification_helper": { "cpe": "cpe:/o:lancom:lcos:sx_5.20" } } } ], "category": "product_name", "name": "LCOS" } ], "category": "vendor", "name": "LANCOM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.08.007", "product": { "name": "Meinberg LANTIME \u003c7.08.007", "product_id": "T032435", "product_identification_helper": { "cpe": "cpe:/h:meinberg:lantime:7.08.007" } } } ], "category": "product_name", "name": "LANTIME" } ], "category": "vendor", "name": "Meinberg" }, { "branches": [ { "category": "product_name", "name": "NetApp Data ONTAP", "product": { "name": "NetApp Data ONTAP", "product_id": "T027038", "product_identification_helper": { "cpe": "cpe:/a:netapp:data_ontap:9" } } }, { "category": "product_name", "name": "NetApp FAS", "product": { "name": "NetApp FAS", "product_id": "T011540", "product_identification_helper": { "cpe": "cpe:/h:netapp:fas:-" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Open Source Dropbear SSH", "product": { "name": "Open Source Dropbear SSH", "product_id": "T031811", "product_identification_helper": { "cpe": "cpe:/a:dropbear_ssh_project:dropbear_ssh:-" } } }, { "category": "product_version_range", "name": "\u003c2024.84", "product": { "name": "Open Source Dropbear SSH \u003c2024.84", "product_id": "T033902", "product_identification_helper": { "cpe": "cpe:/a:dropbear_ssh_project:dropbear_ssh:2024.84" } } } ], "category": "product_name", "name": "Dropbear SSH" }, { "branches": [ { "category": "product_version_range", "name": "\u003c1.21.3", "product": { "name": "Open Source Gitea \u003c1.21.3", "product_id": "T031778", "product_identification_helper": { "cpe": "cpe:/a:gitea:gitea:1.21.3" } } } ], "category": "product_name", "name": "Gitea" }, { "branches": [ { "category": "product_version_range", "name": "\u003c9.6", "product": { "name": "Open Source OpenSSH \u003c9.6", "product_id": "T031748", "product_identification_helper": { "cpe": "cpe:/a:openbsd:openssh:9.6" } } } ], "category": "product_name", "name": "OpenSSH" }, { "branches": [ { "category": "product_version_range", "name": "\u003c0.80", "product": { "name": "Open Source PuTTY \u003c0.80", "product_id": "T031749", "product_identification_helper": { "cpe": "cpe:/a:simon_tatham:putty:0.80" } } } ], "category": "product_name", "name": "PuTTY" }, { "branches": [ { "category": "product_version_range", "name": "\u003c0.10.6", "product": { "name": "Open Source libssh \u003c0.10.6", "product_id": "T031750", "product_identification_helper": { "cpe": "cpe:/a:libssh:libssh:0.10.6" } } }, { "category": "product_version_range", "name": "\u003c0.9.8", "product": { "name": "Open Source libssh \u003c0.9.8", "product_id": "T031751", "product_identification_helper": { "cpe": "cpe:/a:libssh:libssh:0.9.8" } } } ], "category": "product_name", "name": "libssh" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "PaloAlto Networks PAN-OS", "product": { "name": "PaloAlto Networks PAN-OS", "product_id": "T016533", "product_identification_helper": { "cpe": "cpe:/o:paloaltonetworks:pan-os:-" } } } ], "category": "vendor", "name": "PaloAlto Networks" }, { "branches": [ { "category": "product_name", "name": "QNAP NAS", "product": { "name": "QNAP NAS", "product_id": "T017100", "product_identification_helper": { "cpe": "cpe:/h:qnap:nas:-" } } } ], "category": "vendor", "name": "QNAP" }, { "branches": [ { "category": "product_name", "name": "RESF Rocky Linux", "product": { "name": "RESF Rocky Linux", "product_id": "T032255", "product_identification_helper": { "cpe": "cpe:/o:resf:rocky_linux:-" } } } ], "category": "vendor", "name": "RESF" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "branches": [ { "category": "product_version", "name": "7.4", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.4", "product_id": "978052", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" } } }, { "category": "product_version_range", "name": "\u003c8.0.1", "product": { "name": "Red Hat JBoss Enterprise Application Platform \u003c8.0.1", "product_id": "T033272", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0.1" } } }, { "category": "product_version_range", "name": "\u003c7.4.16", "product": { "name": "Red Hat JBoss Enterprise Application Platform \u003c7.4.16", "product_id": "T033900", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4.16" } } } ], "category": "product_name", "name": "JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } }, { "category": "product_name", "name": "SUSE openSUSE", "product": { "name": "SUSE openSUSE", "product_id": "T027843", "product_identification_helper": { "cpe": "cpe:/o:suse:opensuse:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle im SSH-Protokoll. Diese erlaubt es, Integrit\u00e4tspr\u00fcfungen zu umgehen, indem Sequenznummern w\u00e4hrend des Handshakes manipuliert werden. Dadurch ist es m\u00f6glich, Teile von Nachrichten zu entfernen, ohne einen MAC-Fehler zu verursachen. Ein Angreifer mit Zugriff auf den Netzwerkverkehr kann diese Schwachstelle ausnutzen, um Nachrichten zu entfernen und so die Integrit\u00e4t der Verbindung zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T033357", "T031216", "T031931", "T031930", "T031778", "T031811", "T034286", "T034285", "T016533", "T033272", "T004914", "1139691", "T031092", "T027755", "T027038", "T033947", "T031929", "T032435", "T031788", "T031787", "434967", "1039165", "T029180", "1522854", "T012167", "T033685", "T022954", "T014381", "2951", "T002207", "T026954", "T027843", "T026953", "T027961", "T026553", "T029035", "T032368", "T032369", "67646", "4035", "T011540", "T034583", "T036366", "T028903", "978052", "T023373", "T033902", "T033946", "T033900", "T032371", "T032372", "T015895", "T032370", "T032375", "T032255", "T032376", "T032497", "74185", "T032373", "T017100", "T032374", "T017865", "T000126", "T024430" ] }, "release_date": "2023-12-18T23:00:00Z", "title": "CVE-2023-48795" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.