CVE-2018-1000805
Description
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.421
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko 2.0.9 | Windows |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko 2.1.6 | Windows |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko 2.2.4 | Windows |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko 2.3.3 | Windows |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko 2.4.2 | Windows |
| Python SSH2 library (USN-3796-1) python-paramiko_1.16.0-1ubuntu0.2_all.deb | Linux |
| Python SSH2 library (USN-3796-1) python-paramiko_1.10.1-1git1ubuntu0.2_all.deb | Linux |
| Python SSH2 library (USN-3796-1) python3-paramiko_1.16.0-1ubuntu0.2_all.deb | Linux |
| Python-paramiko security update (CESA-2018:1124) python-paramiko-1.7.5-5.el6_10.noarch.rpm | Linux |
| Python-paramiko security update (CESA-2018:3347) python-paramiko-2.1.1-9.el7.noarch.rpm | Linux |
| Python-paramiko security update (CESA-2018:3347) python-paramiko-doc-2.1.1-9.el7.noarch.rpm | Linux |
| Python-paramiko security update (CESA-2018:3406) python-paramiko-1.7.5-5.el6_10.noarch.rpm | Linux |
| (RHSA-2018:3406) python-paramiko security update python-paramiko-1.7.5-5.el6_10.noarch.rpm | Linux |
| (RHSA-2018:3347) python-paramiko security update python-paramiko-2.1.1-9.el7.noarch.rpm | Linux |
| (RHSA-2018:3347) python-paramiko security update python-paramiko-doc-2.1.1-9.el7.noarch.rpm | Linux |
| Python-paramiko update (ELSA-2018-3347) python-paramiko-2.1.1-9.el7.noarch.rpm | Linux |
| Python-paramiko-doc update (ELSA-2018-3347) python-paramiko-doc-2.1.1-9.el7.noarch.rpm | Linux |
| SUSE-SU-2022:3730-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) python3-paramiko-2.4.3-150100.6.15.1.noarch.rpm | Linux |
| SUSE-SU-2022:3730-1(SUSE Linux Enterprise Module for Basesystem 15-SP4 ) python3-paramiko-2.4.3-150100.6.15.1.noarch_15_SP4.rpm | Linux |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko for linux 2.0.9 | Linux |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko for linux 2.1.6 | Linux |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko for linux 2.2.4 | Linux |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko for linux 2.3.3 | Linux |
| Vulnerabilities CVE-2018-1000805 are fixed in Python-paramiko for linux 2.4.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234