CVE-2018-7750
Paramiko not properly checking authentication before processing other requests
9.8
CRITICAL
CVSS 3.1
EPSS 17.7%
Description
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
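The flaw the description refers to, modelled as an added example written for this page (it is not Paramiko's transport.py): a server-side dispatcher that routes each incoming message to a handler without first asking whether the peer has authenticated, beside the same dispatcher behind one gate. The message numbers are from RFC 4250; the pre-authentication allow-list, class names, password check and error text are assumptions for illustration. The shape of the fix is the important part: one check at the top of the dispatch loop, rather than a separate check inside every post-authentication handler that can be forgotten.

```python
"""Model of the missing pre-authentication gate behind CVE-2018-7750.
Added illustration for this page, not Paramiko code. Message numbers are
RFC 4250's; the dispatcher, the assumed password and the exception are mine."""

# SSH message numbers (RFC 4250, section 4.1.2)
MSG_DISCONNECT = 1
MSG_IGNORE = 2
MSG_UNIMPLEMENTED = 3
MSG_DEBUG = 4
MSG_SERVICE_REQUEST = 5
MSG_KEXINIT = 20
MSG_NEWKEYS = 21
MSG_USERAUTH_REQUEST = 50
MSG_GLOBAL_REQUEST = 80
MSG_CHANNEL_OPEN = 90

# Everything a server must process before the peer has proven who it is:
# key exchange, service negotiation and the auth request itself.
# Connection-protocol messages (80 and up) are deliberately absent.
PRE_AUTH_ALLOWED = frozenset({
    MSG_DISCONNECT, MSG_IGNORE, MSG_UNIMPLEMENTED, MSG_DEBUG,
    MSG_SERVICE_REQUEST, MSG_KEXINIT, MSG_NEWKEYS, MSG_USERAUTH_REQUEST,
})


class AuthRequired(Exception):
    """A post-authentication message arrived before authentication completed."""


class VulnerableServer:
    """Dispatches on message type only and never consults self.authenticated."""

    def __init__(self, password="hunter2"):  # assumed credential for the demo
        self.password = password
        self.authenticated = False
        self.channels = []

    def handle(self, ptype, payload=None):
        payload = payload or {}
        if ptype == MSG_KEXINIT:
            return "kexinit"
        if ptype == MSG_NEWKEYS:
            return "newkeys"
        if ptype == MSG_SERVICE_REQUEST:
            return "service-accept"
        if ptype == MSG_USERAUTH_REQUEST:
            self.authenticated = payload.get("password") == self.password
            return "auth-success" if self.authenticated else "auth-failure"
        if ptype == MSG_CHANNEL_OPEN:
            # The bug: a channel is opened for whoever asks.
            self.channels.append(payload.get("kind", "session"))
            return "channel-open-confirmation"
        if ptype == MSG_GLOBAL_REQUEST:
            return "request-success"
        return "unimplemented"


class FixedServer(VulnerableServer):
    """Same handlers behind a single gate: nothing outside PRE_AUTH_ALLOWED
    is processed until authentication has completed."""

    def handle(self, ptype, payload=None):
        if not self.authenticated and ptype not in PRE_AUTH_ALLOWED:
            raise AuthRequired(f"message type {ptype} received before authentication")
        return super().handle(ptype, payload)


def client_skipping_auth(server):
    """A customised client: finish key exchange, then send CHANNEL_OPEN directly.
    Returns the server's reply, or the exception the server raised."""
    server.handle(MSG_KEXINIT)
    server.handle(MSG_NEWKEYS)
    try:
        return server.handle(MSG_CHANNEL_OPEN, {"kind": "session"})
    except AuthRequired as exc:
        return exc


def well_behaved_client(server, password):
    """Normal flow for comparison: key exchange, authenticate, open a channel."""
    server.handle(MSG_KEXINIT)
    server.handle(MSG_NEWKEYS)
    server.handle(MSG_SERVICE_REQUEST, {"service": "ssh-userauth"})
    server.handle(MSG_USERAUTH_REQUEST, {"password": password})
    try:
        return server.handle(MSG_CHANNEL_OPEN, {"kind": "session"})
    except AuthRequired as exc:
        return exc


if __name__ == "__main__":
    print("vulnerable, auth skipped:", client_skipping_auth(VulnerableServer()))
    print("fixed, auth skipped:     ", client_skipping_auth(FixedServer()))
    print("fixed, authenticated:    ", well_behaved_client(FixedServer(), "hunter2"))
```

The gate sits in front of the dispatcher, so adding a new post-authentication message handler later cannot reopen the hole; an allow-list of pre-authentication types is also safer than a deny-list of known post-authentication ones, because anything the server does not yet know about is rejected by default.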
How to fix CVE-2018-7750
To remediate CVE-2018-7750, upgrade the affected package to a fixed version below.
- —upgrade to 2.4.1-r0 or later
- —upgrade to 2.4.2-0.1 or later
- —upgrade to 2.0.8 or later
- —upgrade to fa29bd8446c8eab237f5187d28787727b4610516 or later
Is CVE-2018-7750 being exploited?
Moderate. EPSS is 17.7%, i.e. an estimated probability of roughly one in six that exploitation activity is observed in the wild within the next 30 days. Track this CVE; on the EPSS figure alone it is not at the top of the prioritisation list. The caveat: EPSS is a population-wide estimate, while this bug is an unauthenticated bypass (CVSS 9.8) in Paramiko's server side. If an application of yours exposes a Paramiko-based SSH server (a Transport started with start_server and a ServerInterface) on a reachable port, treat it as urgent regardless of EPSS. A deployment that only uses Paramiko as an SSH client is not affected by this issue.
Affected packages (4)
- from 0, < 2.4.1-r0
- from 0, < 2.4.2-0.1
- >= 2.0.0, < 2.0.8
- from 0, < fa29bd8446c8eab237f5187d28787727b4610516 (upstream commit; the corresponding release ranges are < 1.17.6; >= 1.18.0, < 1.18.5; >= 2.0.0, < 2.0.8; >= 2.1.0, < 2.1.5; >= 2.2.0, < 2.2.3; >= 2.3.0, < 2.3.2)
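The ranges above are per release line, which is the trap when checking an inventory: 2.3.2 is fixed, but 2.4.0, which is newer, is not, so "at least 2.3.2" is the wrong test. The following branch-aware check is an added example written for this page, not an OSV or Paramiko utility; the ranges are transcribed from the description (including the 2.4.x line), and the version parsing and helper names are my own.

```python
"""Branch-aware check of a Paramiko version against this advisory's ranges.
Added example for this page, not an OSV or Paramiko tool. Ranges are taken
from the advisory description; parsing and helper names are assumptions."""

import re

# (introduced, fixed) per release line, per the description above.
# The fixed version is exclusive: 2.0.8 is safe, 2.0.7 is not.
AFFECTED_RANGES = [
    ("0", "1.17.6"),
    ("1.18.0", "1.18.5"),
    ("2.0.0", "2.0.8"),
    ("2.1.0", "2.1.5"),
    ("2.2.0", "2.2.3"),
    ("2.3.0", "2.3.2"),
    ("2.4.0", "2.4.1"),
]


def parse_version(text):
    """Turn '2.4.1', '2.4.1-r0' or '2.4.2-0.1' into a comparable tuple of ints.
    Distro suffixes after the upstream version are dropped: the question is
    whether the upstream fix is in the code, and a distro revision of an unfixed
    upstream release is still unfixed unless the distro backported the patch
    (consult the distro's own advisory for that)."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(version):
    """True if version lies inside any [introduced, fixed) range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v < parse_version(hi) for lo, hi in AFFECTED_RANGES)


def fixed_version_for(version):
    """First safe release on the same line as version, or None if version is
    already outside every affected range."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if parse_version(lo) <= v < parse_version(hi):
            return hi
    return None


def installed_paramiko_status():
    """Inspect the running interpreter's own Paramiko, if any.
    Returns (version, affected), or (None, None) when it is not installed."""
    try:
        from importlib.metadata import version as dist_version
        ver = dist_version("paramiko")
    except Exception:  # not installed, or no distribution metadata
        return None, None
    return ver, is_affected(ver)


if __name__ == "__main__":
    for sample in ["1.17.5", "1.17.6", "2.3.2", "2.4.0", "2.4.1-r0", "2.4.2-0.1"]:
        print(f"{sample:12} affected={is_affected(sample)!s:5} fix={fixed_version_for(sample)}")
    print("installed:", installed_paramiko_status())
```

Run it inside the virtualenv or container that actually serves SSH, not on a workstation: installed_paramiko_status() reports the interpreter it runs under, and a vendored or distro-packaged copy elsewhere on the host is a separate question.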
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | CRITICAL 9.3 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | CRITICAL 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |