{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-03-13T00:00:00", "descriptions": [{"lang": "en", "value": "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-28T12:06:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2018:1124", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1124"}, {"name": "45712", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/45712/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/paramiko/paramiko/issues/1175"}, {"name": "RHSA-2018:1125", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1125"}, {"name": "RHSA-2018:1972", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1972"}, {"name": "RHSA-2018:1274", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1274"}, {"name": "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html"}, {"name": "USN-3603-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3603-2/"}, {"name": "RHSA-2018:0646", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0646"}, {"name": "RHSA-2018:1213", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1213"}, {"name": "USN-3603-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3603-1/"}, {"name": "RHSA-2018:1525", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1525"}, {"name": "RHSA-2018:1328", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1328"}, {"name": "RHSA-2018:0591", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:0591"}, {"name": "103713", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103713"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst"}, {"name": "[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-7750", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:1124", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1124"}, {"name": "45712", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/45712/"}, {"name": "https://github.com/paramiko/paramiko/issues/1175", "refsource": "CONFIRM", "url": "https://github.com/paramiko/paramiko/issues/1175"}, {"name": "RHSA-2018:1125", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1125"}, {"name": "RHSA-2018:1972", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1972"}, {"name": "RHSA-2018:1274", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1274"}, {"name": "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html"}, {"name": "USN-3603-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3603-2/"}, {"name": "RHSA-2018:0646", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0646"}, {"name": "RHSA-2018:1213", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1213"}, {"name": "USN-3603-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3603-1/"}, {"name": "RHSA-2018:1525", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1525"}, {"name": "RHSA-2018:1328", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1328"}, {"name": "RHSA-2018:0591", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0591"}, {"name": "103713", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103713"}, {"name": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", "refsource": "CONFIRM", "url": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516"}, {"name": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", "refsource": "CONFIRM", "url": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst"}, {"name": "[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:37:58.928Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2018:1124", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1124"}, {"name": "45712", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/45712/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/paramiko/paramiko/issues/1175"}, {"name": "RHSA-2018:1125", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1125"}, {"name": "RHSA-2018:1972", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1972"}, {"name": "RHSA-2018:1274", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1274"}, {"name": "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html"}, {"name": "USN-3603-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3603-2/"}, {"name": "RHSA-2018:0646", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:0646"}, {"name": "RHSA-2018:1213", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1213"}, {"name": "USN-3603-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3603-1/"}, {"name": "RHSA-2018:1525", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1525"}, {"name": "RHSA-2018:1328", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1328"}, {"name": "RHSA-2018:0591", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:0591"}, {"name": "103713", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/103713"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst"}, {"name": "[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-7750", "datePublished": "2018-03-13T18:00:00", "dateReserved": "2018-03-07T00:00:00", "dateUpdated": "2024-08-05T06:37:58.928Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D1D3BB9-1426-4498-9BB4-A7F7696C7D18", "versionEndExcluding": "1.17.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F645AC2-3A4F-47C7-9DFC-DEB25C467D21", "versionEndExcluding": "1.18.5", "versionStartIncluding": "1.18.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B500C82-6C71-4ED6-B334-E13DBFFA6F51", "versionEndExcluding": "2.0.8", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", "matchCriteriaId": "E90FB648-ABD2-4BDC-AD67-DD904595D967", "versionEndExcluding": "2.1.5", "versionStartIncluding": "2.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2C6E9E8-AF99-4E7B-8EE4-646835D7AFE1", "versionEndExcluding": "2.2.3", "versionStartIncluding": "2.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E16324F-880D-44DF-8F01-EFAAA5358E81", "versionEndExcluding": "2.3.2", "versionStartIncluding": "2.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paramiko:paramiko:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFD08D44-023B-4126-8D7F-E9ECFDA59A6E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8989CD03-49A1-4831-BF98-9F21592788BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "5864D753-2A37-4800-A73E-6ACA0662B605", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "32E1BA91-4695-4E64-A9D7-4A6CB6904D41", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "67F7263F-113D-4BAE-B8CB-86A61531A2AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "03EB0F63-DB24-4240-BC44-C92BAE7EAF42", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step."}, {"lang": "es", "value": "transport.py en la implementaci\u00f3n del servidor SSH de Paramiko, en versiones anteriores a la 1.17.6; versiones 1.18.x anteriores a la 1.18.5; versiones 2.0.x anteriores a la 2.0.8; versiones 2.1.x anteriores a la 2.1.5; versiones 2.2.x anteriores a la 2.2.3; versiones 2.3.x anteriores a la 2.3.2 y versiones 2.4.x anteriores a la 2.4.1, no comprueba adecuadamente si la autenticaci\u00f3n se ha completado antes de procesar otras peticiones, tal y como demuestra channel-open. Un cliente SSH personalizado puede simplemente omitir el paso de autenticaci\u00f3n."}], "id": "CVE-2018-7750", "lastModified": "2022-04-18T17:30:23.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-13T18:29:00.303", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103713"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:0591"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:0646"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1124"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1125"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1213"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1274"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1328"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1525"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1972"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/paramiko/paramiko/issues/1175"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3603-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3603-2/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/45712/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "ansible-0:2.4.4.0-1.el7ae", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "ansible-tower-0:3.1.7-1.el7at", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "cfme-0:5.8.4.5-1.el7cf", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "cfme-appliance-0:5.8.4.5-1.el7cf", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "cfme-gemset-0:5.8.4.5-1.el7cf", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1972", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7", "impact": "low", "package": "rh-ruby23-rubygem-json-0:2.1.0-1.el7cf", "product_name": "CloudForms Management Engine 5.8", "release_date": "2018-06-25T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "ansible-0:2.4.4.0-1.el7ae", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "ansible-tower-0:3.2.4-1.el7at", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "cfme-0:5.9.2.4-1.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "cfme-amazon-smartstate-0:5.9.2.4-1.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "cfme-appliance-0:5.9.2.4-1.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "cfme-gemset-0:5.9.2.4-1.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "dbus-api-service-0:1.0.1-3.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "httpd-configmap-generator-0:0.2.1-2.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "postgresql96-0:9.6.6-1PGDG.el7", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "rh-ruby23-rubygem-json-0:2.1.0-1.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1328", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.9::el7", "impact": "low", "package": "rh-ruby23-rubygem-qpid_proton-0:0.22.0-2.el7cf", "product_name": "CloudForms Management Engine 5.9", "release_date": "2018-05-07T00:00:00Z"}, {"advisory": "RHSA-2018:1213", "cpe": "cpe:/a:redhat:ansible_engine:2.4::el7", "impact": "low", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "Red Hat Ansible Engine 2.4 for RHEL 7", "release_date": "2018-04-24T00:00:00Z"}, {"advisory": "RHSA-2018:0646", "cpe": "cpe:/a:redhat:ansible_engine:2::el7", "impact": "low", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "Red Hat Ansible Engine 2 for RHEL 7", "release_date": "2018-04-05T00:00:00Z"}, {"advisory": "RHSA-2018:1124", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "python-paramiko-0:1.7.5-4.el6_9", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2018-04-12T00:00:00Z"}, {"advisory": "RHSA-2018:1125", "cpe": "cpe:/o:redhat:rhel_aus:6.4", "package": "python-paramiko-0:1.7.5-4.el6_4", "product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support", "release_date": "2018-04-12T00:00:00Z"}, {"advisory": "RHSA-2018:1125", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "python-paramiko-0:1.7.5-4.el6_5", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2018-04-12T00:00:00Z"}, {"advisory": "RHSA-2018:1125", "cpe": "cpe:/o:redhat:rhel_aus:6.6", "package": "python-paramiko-0:1.7.5-4.el6_6", "product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date": "2018-04-12T00:00:00Z"}, {"advisory": "RHSA-2018:1125", "cpe": "cpe:/o:redhat:rhel_tus:6.6", "package": "python-paramiko-0:1.7.5-4.el6_6", "product_name": "Red Hat Enterprise Linux 6.6 Telco Extended Update Support", "release_date": "2018-04-12T00:00:00Z"}, {"advisory": "RHSA-2018:1125", "cpe": "cpe:/o:redhat:rhel_eus:6.7", "package": "python-paramiko-0:1.7.5-4.el6_7", "product_name": "Red Hat Enterprise Linux 6.7 Extended Update Support", "release_date": "2018-04-12T00:00:00Z"}, {"advisory": "RHSA-2018:0591", "cpe": "cpe:/a:redhat:rhel_extras_other:7", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "Red Hat Enterprise Linux 7 Extras", "release_date": "2018-03-26T00:00:00Z"}, {"advisory": "RHSA-2018:1274", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-02T00:00:00Z"}, {"advisory": "RHSA-2018:1525", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "rhvm-appliance-0:4.2-20180504.0", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1274", "cpe": "cpe:/a:redhat:rhev_manager:4", "impact": "low", "package": "python-paramiko-0:2.1.1-4.el7", "product_name": "Red Hat Virtualization Engine 4.1", "release_date": "2018-05-02T00:00:00Z"}], "bugzilla": {"description": "python-paramiko: Authentication bypass in transport.py", "id": "1557130", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557130"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-287", "details": ["transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.", "It was found that when acting as an SSH server, paramiko did not properly check whether authentication is completed before processing other requests. A customized SSH client could use this to bypass authentication when accessing any resources controlled by paramiko."], "name": "CVE-2018-7750", "package_state": [{"cpe": "cpe:/a:redhat:ceph_storage:2", "fix_state": "Affected", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat Ceph Storage 2"}, {"cpe": "cpe:/a:redhat:openstack:7", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)"}, {"cpe": "cpe:/a:redhat:openshift:3", "fix_state": "Affected", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenShift Enterprise 3"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:11", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenStack Platform 11 (Ocata)"}, {"cpe": "cpe:/a:redhat:openstack:12", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenStack Platform 12 (Pike)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Affected", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}, {"cpe": "cpe:/a:redhat:qci:1.0::el7", "fix_state": "Will not fix", "package_name": "python-paramiko", "product_name": "Red Hat Quickstart Cloud Installer 1"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Out of support scope", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:rhscon:2", "fix_state": "Will not fix", "impact": "low", "package_name": "python-paramiko", "product_name": "Red Hat Storage Console 2"}, {"cpe": "cpe:/a:redhat:rhui:3", "fix_state": "Will not fix", "package_name": "python-paramiko", "product_name": "Red Hat Update Infrastructure 3 for Cloud Providers"}], "public_date": "2018-03-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-7750\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-7750"], "statement": "This flaw is a user authentication bypass in the SSH Server functionality of paramiko (normally used by subclassing `paramiko.ServerInterface`). Where paramiko is used only for its client-side functionality (e.g. `paramiko.SSHClient`), the vulnerability is not exposed and thus cannot be exploited.\nThe following Red Hat products use paramiko only in client-side mode. Server side functionality is not used.\n* Red Hat Ceph Storage 2\n* Red Hat CloudForms 4\n* Red Hat Enterprise Linux 7\n* Red Hat Enterprise Virtualization\n* Red Hat Gluster Storage 3\n* Red Hat Openshift Container Platform\n* Red Hat Quick Cloud Installer\n* Red Hat Satellite 6\n* Red Hat Storage Console 2\n* Red Hat OpenStack Platform\n* Red Hat Update Infrastructure", "threat_severity": "Critical", "upstream_fix": "python-paramiko 1.17.6, python-paramiko 1.18.5, python-paramiko 2.0.8, python-paramiko 2.1.5, python-paramiko 2.2.3, python-paramiko 2.3.2, python-paramiko 2.4.1"}