CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
Low
EPSS
Percentile
99.6%
Software: openssh 7.4p1
OS: rosa-server79
package_evr_string: openssh-7.4p1-23.0.3.res7
CVE-ID: CVE-2023-48795
BDU-ID: 2023-08853
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and achieve the deletion of an arbitrary number of SSH service messages. Exploitation of the vulnerability could allow a remote attacker to bypass integrity checks, disable existing security features, and gain unauthorized access to protected information.
CVE-STATUS: Resolved
CVE-REV: To close, run the yum update openssh command
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
Low
EPSS
Percentile
99.6%