CVE Vulnerabilities

CVE-2023-6004

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Published: Jan 03, 2024 | Modified: Sep 16, 2024
CVSS 3.x
4.8
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
CVSS 2.x
RedHat/V2
RedHat/V3
4.8 LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Ubuntu
MEDIUM

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.

Weakness

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

Affected Software

Name Vendor Start Version End Version
Libssh Libssh 0.8.0 (including) 0.9.8 (excluding)
Libssh Libssh 0.10.0 (including) 0.10.6 (excluding)
Red Hat Enterprise Linux 8 RedHat libssh-0:0.9.6-14.el8 *
Red Hat Enterprise Linux 8 RedHat libssh-0:0.9.6-14.el8 *
Red Hat Enterprise Linux 9 RedHat libssh-0:0.10.4-13.el9 *
Red Hat Enterprise Linux 9 RedHat libssh-0:0.10.4-13.el9 *
Libssh Ubuntu bionic *
Libssh Ubuntu esm-infra/bionic *
Libssh Ubuntu esm-infra/xenial *
Libssh Ubuntu focal *
Libssh Ubuntu jammy *
Libssh Ubuntu lunar *
Libssh Ubuntu mantic *
Libssh Ubuntu trusty *
Libssh Ubuntu upstream *
Libssh Ubuntu xenial *

Potential Mitigations

References