CVE-2021-36368

3.7LOW

Key Information:

Vendor
OpenBSD
Status
Openssh
Vendor
CVE Published:
13 March 2022

Summary

An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

References

https://www.openssh.com/security.html
x_refsource_MISC
https://github.com/openssh/openssh-portable/pull/258
x_refsource_MISC
https://bugzilla.mindrot.org/show_bug.cgi?id=3316
x_refsource_CONFIRM

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.