Incomplete Destination Constraints in OpenSSH Affecting Key Management
CVE-2023-51384

5.5MEDIUM

Key Information:

Vendor
OpenBSD
Status
Openssh
Vendor
CVE Published:
18 December 2023

Badges

πŸ“° News Worthy

Summary

In OpenSSH versions prior to 9.6, a vulnerability exists within the ssh-agent related to the handling of destination constraints during the addition of PKCS#11-hosted private keys. The issue arises when these constraints are specified; they are only applied to the first added key, leading to potential security risks if multiple keys reside on the PKCS#11 token. This incomplete enforcement of constraints emphasizes the need for users to review their key management processes and update to the latest version of OpenSSH to mitigate associated risks.

News Articles

favicon imageBNN Breaking

OpenSSH Vulnerabilities - An Urgent Call for Continuous Security Updates

Several security vulnerabilities identified in OpenSSH could potentially allow attackers to escalate their privileges and execute command injection. The Terrapin attack further exploits the protocol's weaknesses, emphasizing the need for continuous security monitoring and updates.

1 year ago

References

https://www.openssh.com/txt/release-9.6
https://www.openwall.com/lists/oss-security/2023/12/18/2
https://github.com/openssh/openssh-portable/commit/881d9c...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“°

    First article discovered by BNN Breaking

  • Vulnerability published

  • Vulnerability Reserved

.