/

CVE-2023-51385 Report - Details, Severity, & Advisorie...

CVE-2023-51385 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-51385 Report - Details, Severity, & Advisories

CVE-2023-51385 is a medium-severity vulnerability affecting ssh in OpenSSH before version 9.6. It involves a potential command injection if a user name or host name contains shell metacharacters and is referenced by an expansion token in certain situations. This issue could impact various systems, including OpenBSD OpenSSH and Debian Linux versions 10.0, 11.0, and 12.0. The vulnerability is particularly concerning for users who interact with untrusted Git repositories containing submodules with shell metacharacters in their user names or host names.

How do I know if I'm affected?

To determine if you're affected by the CVE-2023-51385 vulnerability, you should be aware of the software versions impacted. This includes OpenSSH up to (excluding) version 9.6 and Debian Linux versions 10.0, 11.0, and 12.0. You might be affected if you interact with untrusted Git repositories containing submodules with shell metacharacters in their user names or host names. Keep in mind that this vulnerability is of medium severity and could lead to command injection in certain situations.

What should I do if I'm affected?

If you're affected by the CVE-2023-51385 vulnerability, it's crucial to update your software to mitigate the risk. For OpenSSH, upgrade to version 9.6 or later. Debian Linux users should update their openssh packages to the recommended version for their distribution. Additionally, sanitize hostname input to prevent malicious code injection. By following these steps, you can protect your system from potential command injection attacks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-51385 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This issue involves potential command injection in OpenSSH before version 9.6 when user names or host names contain shell metacharacters and are referenced by an expansion token. It was published on December 18, 2023. There is no due date provided, but users are advised to update their software and sanitize hostname input to prevent malicious code injection.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-78, which refers to improper neutralization of special elements used in an OS command, potentially leading to command injection attacks.

For more details

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the links provided below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-51385 Report - Details, Severity, & Advisorie...

CVE-2023-51385 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-51385 Report - Details, Severity, & Advisories

CVE-2023-51385 is a medium-severity vulnerability affecting ssh in OpenSSH before version 9.6. It involves a potential command injection if a user name or host name contains shell metacharacters and is referenced by an expansion token in certain situations. This issue could impact various systems, including OpenBSD OpenSSH and Debian Linux versions 10.0, 11.0, and 12.0. The vulnerability is particularly concerning for users who interact with untrusted Git repositories containing submodules with shell metacharacters in their user names or host names.

How do I know if I'm affected?

To determine if you're affected by the CVE-2023-51385 vulnerability, you should be aware of the software versions impacted. This includes OpenSSH up to (excluding) version 9.6 and Debian Linux versions 10.0, 11.0, and 12.0. You might be affected if you interact with untrusted Git repositories containing submodules with shell metacharacters in their user names or host names. Keep in mind that this vulnerability is of medium severity and could lead to command injection in certain situations.

What should I do if I'm affected?

If you're affected by the CVE-2023-51385 vulnerability, it's crucial to update your software to mitigate the risk. For OpenSSH, upgrade to version 9.6 or later. Debian Linux users should update their openssh packages to the recommended version for their distribution. Additionally, sanitize hostname input to prevent malicious code injection. By following these steps, you can protect your system from potential command injection attacks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-51385 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This issue involves potential command injection in OpenSSH before version 9.6 when user names or host names contain shell metacharacters and are referenced by an expansion token. It was published on December 18, 2023. There is no due date provided, but users are advised to update their software and sanitize hostname input to prevent malicious code injection.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-78, which refers to improper neutralization of special elements used in an OS command, potentially leading to command injection attacks.

For more details

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the links provided below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-51385 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-51385 Report - Details, Severity, & Advisories

CVE-2023-51385 is a medium-severity vulnerability affecting ssh in OpenSSH before version 9.6. It involves a potential command injection if a user name or host name contains shell metacharacters and is referenced by an expansion token in certain situations. This issue could impact various systems, including OpenBSD OpenSSH and Debian Linux versions 10.0, 11.0, and 12.0. The vulnerability is particularly concerning for users who interact with untrusted Git repositories containing submodules with shell metacharacters in their user names or host names.

How do I know if I'm affected?

To determine if you're affected by the CVE-2023-51385 vulnerability, you should be aware of the software versions impacted. This includes OpenSSH up to (excluding) version 9.6 and Debian Linux versions 10.0, 11.0, and 12.0. You might be affected if you interact with untrusted Git repositories containing submodules with shell metacharacters in their user names or host names. Keep in mind that this vulnerability is of medium severity and could lead to command injection in certain situations.

What should I do if I'm affected?

If you're affected by the CVE-2023-51385 vulnerability, it's crucial to update your software to mitigate the risk. For OpenSSH, upgrade to version 9.6 or later. Debian Linux users should update their openssh packages to the recommended version for their distribution. Additionally, sanitize hostname input to prevent malicious code injection. By following these steps, you can protect your system from potential command injection attacks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-51385 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This issue involves potential command injection in OpenSSH before version 9.6 when user names or host names contain shell metacharacters and are referenced by an expansion token. It was published on December 18, 2023. There is no due date provided, but users are advised to update their software and sanitize hostname input to prevent malicious code injection.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-78, which refers to improper neutralization of special elements used in an OS command, potentially leading to command injection attacks.

For more details

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the links provided below.