CVE-2018-10933
Description
A vulnerability was found in libsshs server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
Risk Information
Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
78.329
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-0732,CVE-2018-10933 are affected in MySQL Workbench Enterprise Edition 8.0.13 | Windows |
| Vulnerabilities CVE-2018-0732,CVE-2018-10933 are affected in MySQL Workbench CE (x64) 8.0.13 | Windows |
| Multiple Vulnerabilities are affected in Netapp Snapcenter - | Windows |
| Multiple Vulnerabilities are affected in Netapp Oncommand Workflow Automation - | Windows |
| A tiny C SSH library (USN-3795-2) libssh-4_0.8.1-1ubuntu0.1_amd64.deb | Linux |
| SUSE-SU-2018:3253-1(SUSE Linux Enterprise Desktop 12-SP3 ) libssh-debugsource-0.6.3-12.6.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3253-1(SUSE Linux Enterprise Desktop 12-SP3 ) libssh4-0.6.3-12.6.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3253-1(SUSE Linux Enterprise Desktop 12-SP3 ) libssh4-debuginfo-0.6.3-12.6.1.x86_64.rpm | Linux |
| Libssh update (ELSA-2024-3233) libssh-0.9.6-14.el8.i686.rpm | Linux |
| Libssh update (ELSA-2024-3233) libssh-0.9.6-14.el8.x86_64.rpm | Linux |
| Libssh-config update (ELSA-2024-3233) libssh-config-0.9.6-14.el8.noarch.rpm | Linux |
| Libssh-devel update (ELSA-2024-3233) libssh-devel-0.9.6-14.el8.i686.rpm | Linux |
| Libssh-devel update (ELSA-2024-3233) libssh-devel-0.9.6-14.el8.x86_64.rpm | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-347137 | MySQL Workbench CE (x64) (8.0.42) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234