Home

CVE-2018-20685

Description

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
3.377

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2018-20685,CVE-2019-6109,CVE-2019-6110 are affected in WinSCP 5.13Windows
Vulnerabilities CVE-2018-20685,CVE-2019-6109,CVE-2019-6110 are affected in WinSCP (MSI) 5.13Windows
secure shell (SSH) for secure access to remote machines (USN-3885-1) openssh-client_7.2p2-4ubuntu2.7_amd64.debLinux
secure shell (SSH) for secure access to remote machines (USN-3885-1) openssh-client_7.7p1-4ubuntu0.2_amd64.debLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-askpass-gnome-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-askpass-gnome-debuginfo-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-debuginfo-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-debugsource-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-helpers-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:0132-1(SUSE Linux Enterprise Desktop 12-SP4 ) openssh-helpers-debuginfo-7.2p2-74.35.1.x86_64.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-6.6p1-36.12.1.i586.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-6.6p1-36.12.1.x86_64.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-askpass-gnome-6.6p1-36.12.1.i586.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-askpass-gnome-6.6p1-36.12.1.x86_64.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-fips-6.6p1-36.12.1.i586.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-fips-6.6p1-36.12.1.x86_64.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-helpers-6.6p1-36.12.1.i586.rpmLinux
SUSE-SU-2019:13931-1(SUSE Linux Enterprise Server 11-SP4 ) openssh-helpers-6.6p1-36.12.1.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-askpass-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-cavs-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-clients-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-debugsource-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-keycat-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-ldap-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update openssh-server-8.0p1-3.el8.x86_64.rpmLinux
(RHSA-2019:3702) openssh security, bug fix, and enhancement update pam_ssh_agent_auth-0.10.3-7.3.el8.x86_64.rpmLinux
(CESA-2019:3702) openssh security, bug fix, and enhancement update openssh-askpass-8.0p1-3.el8.x86_64.rpmLinux
Incorrect Authorization Vulnerability (CVE-2018-20685)NCM
CVE-2018-20685NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-326031WinSCP (5.21.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234