Lucene search
GoogleOSV:RLSA-2023:4419HistoryAug 08, 2023 - 12:34 p.m.
Important: openssh security update
2023-08-0812:34:30
Google
osv.dev
14
openssh
security update
remote code execution
ssh-agent
pkcs#11
cve-2023-38408
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
High
EPSS
0.058
Percentile
93.5%
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
- openssh: Remote code execution in ssh-agent PKCS#11 support (CVE-2023-38408)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
fedora
fedora
[SECURITY] Fedora 37 Update: openssh-8.8p1-11.fc37
2023-07-28 01:40:23
[SECURITY] Fedora 38 Update: openssh-9.0p1-16.fc38
2023-07-23 01:30:52
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:08.ssh
2023-08-01 00:00:00
oraclelinux
oraclelinux
openssh security update
2023-08-02 00:00:00
openssh security update
2023-08-02 00:00:00
openssh security update
2023-08-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2222
2023-08-29 11:57:56
Advisory ROSA-SA-2023-2229
2023-09-05 09:40:26
openvas
openvas
Ubuntu: Security Advisory (USN-6242-1)
2023-07-25 00:00:00
Ubuntu: Security Advisory (USN-6242-2)
2023-08-01 00:00:00
Slackware: Security Advisory (SSA:2023-200-02)
2023-07-20 00:00:00
githubexploit
githubexploit
Exploit for Unquoted Search Path or Element in Openbsd Openssh
2023-07-21 01:53:10
Exploit for Unquoted Search Path or Element in Openbsd Openssh
2023-11-09 04:34:39
Exploit for Unquoted Search Path or Element in Openbsd Openssh
2023-08-09 19:56:07
ubuntu
ubuntu
OpenSSH vulnerability
2023-07-31 00:00:00
OpenSSH vulnerability
2023-07-24 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2024-01-12 19:29:35
rocky
rocky
openssh security update
2023-08-08 12:34:30
nessus
nessus
OpenSSH < 9.3p2 Vulnerability
2023-07-26 00:00:00
RHEL 8 : openssh (RHSA-2023:4419)
2023-08-01 00:00:00
RHEL 8 : openssh (RHSA-2023:4413)
2023-08-01 00:00:00
cloudlinux
cloudlinux
openssh: Fix of CVE-2023-38408
2023-08-09 10:29:03
freebsd
freebsd
FreeBSD -- Potential remote code execution via ssh-agent forwarding
2023-08-01 00:00:00
OpenSSH -- remote code execution via a forwarded agent socket
2023-07-19 00:00:00
cgr
cgr
CVE-2023-38408 vulnerabilities
2024-05-19 03:07:16
qualysblog
qualysblog
CVE-2023-38408: Remote Code Execution in OpenSSHβs forwarded ssh-agent
2023-07-19 15:53:27
Oracle Patch Tuesday, October 2023 Security Update Review
2023-10-18 17:11:20
almalinux
almalinux
Important: openssh security update
2023-08-01 00:00:00
Important: openssh security update
2023-08-01 00:00:00
osv
osv
openssh - security update
2023-08-17 00:00:00
Important: openssh security update
2023-08-01 00:00:00
openssh vulnerability
2023-07-24 16:38:57
cbl_mariner
cbl_mariner
CVE-2023-38408 affecting package openssh 8.9p1-2
2023-08-15 16:37:27
CVE-2023-38408 affecting package openssh for versions less than 8.9p1-1
2023-08-10 16:37:57
ibm
ibm
redhat
redhat
(RHSA-2023:4383) Important: openssh security update
2023-08-01 09:05:07
(RHSA-2023:4384) Important: openssh security update
2023-08-01 09:06:31
(RHSA-2023:4428) Important: openssh security update
2023-08-02 07:47:53
slackware
slackware
[slackware-security] openssh
2023-07-19 20:41:55
cloudfoundry
cloudfoundry
USN-6242-1: OpenSSH vulnerability | Cloud Foundry
2023-08-10 00:00:00
redos
redos
ROS-20240212-01
2024-02-12 00:00:00
redhatcve
redhatcve
CVE-2023-38408
2023-07-20 07:17:39
debian
debian
[SECURITY] [DLA 3532-1] openssh security update
2023-08-17 01:17:24
wolfi
wolfi
CVE-2023-38408 vulnerabilities
2024-09-19 09:11:50
broadcom
broadcom
alpinelinux
alpinelinux
CVE-2023-38408
2023-07-20 03:15:10
thn
thn
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
2023-07-24 09:10:00
nvd
nvd
CVE-2023-38408
2023-07-20 03:15:10
cve
cve
CVE-2023-38408
2023-07-20 03:15:10
cvelist
cvelist
CVE-2023-38408
2023-07-20 00:00:00
amazon
amazon
Important: openssh
2023-08-03 18:09:00
Important: openssh
2023-08-17 11:39:00
ubuntucve
ubuntucve
CVE-2023-38408
2023-07-19 00:00:00
aix
aix
f5
f5
K000135709 : OpenSSH vulnerability CVE-2023-38408
2023-08-02 00:00:00
debiancve
debiancve
CVE-2023-38408
2023-07-20 03:15:10
veracode
veracode
Remote Code Execution (RCE)
2023-07-20 11:22:49
prion
prion
Remote code execution
2023-07-20 03:15:00
gentoo
gentoo
OpenSSH: Remote Code Execution
2023-07-20 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0628
2023-08-05 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0057
2023-07-26 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0440
2023-07-29 00:00:00
packetstorm
packetstorm
OpenSSH Forwarded SSH-Agent Remote Code Execution
2023-07-20 00:00:00
mageia
mageia
Updated openssh packages fix security vulnerabilities
2024-01-15 01:23:43
apple
apple
About the security content of macOS Sonoma 14
2023-09-26 00:00:00
hp
hp
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
High
EPSS
0.058
Percentile
93.5%
Related for OSV:RLSA-2023:4419