{"containers": {"cna": {"affected": [{"product": "ssh2", "vendor": "mscdex", "versions": [{"status": "affected", "version": "< 1.4.0"}]}], "descriptions": [{"lang": "en", "value": "ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-20T19:40:12", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.npmjs.com/package/ssh2"}], "source": {"advisory": "GHSL-2020-123", "discovery": "INTERNAL"}, "title": "Command injection in mscdex/ssh2", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26301", "STATE": "PUBLIC", "TITLE": "Command injection in mscdex/ssh2"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ssh2", "version": {"version_data": [{"version_value": "< 1.4.0"}]}}]}, "vendor_name": "mscdex"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78 OS Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21", "refsource": "MISC", "url": "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21"}, {"name": "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/", "refsource": "CONFIRM", "url": "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/"}, {"name": "https://www.npmjs.com/package/ssh2", "refsource": "MISC", "url": "https://www.npmjs.com/package/ssh2"}]}, "source": {"advisory": "GHSL-2020-123", "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:56:04.459Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.npmjs.com/package/ssh2"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-26301", "datePublished": "2021-09-20T19:40:12", "dateReserved": "2020-10-01T00:00:00", "dateUpdated": "2024-08-04T15:56:04.459Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "9A046B48-27ED-41C9-876A-07D1CC226B4A", "versionEndExcluding": "1.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0."}, {"lang": "es", "value": "ssh2 es un m\u00f3dulo cliente y servidor escrito en JavaScript puro para node.js. En ssh2 versiones anteriores a 1.4.0, se presenta una vulnerabilidad de inyecci\u00f3n de comandos. El problema s\u00f3lo se presenta en Windows. Este problema puede conllevar una ejecuci\u00f3n de c\u00f3digo remota si un cliente de la biblioteca llama al m\u00e9todo vulnerable con una entrada no fiable. Esto es corregido en la versi\u00f3n 1.4.0"}], "id": "CVE-2020-26301", "lastModified": "2024-11-21T05:19:48.493", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-20T20:15:11.513", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/"}, {"source": "security-advisories@github.com", "tags": ["Product", "Third Party Advisory"], "url": "https://www.npmjs.com/package/ssh2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/mscdex/ssh2/commit/f763271f41320e71d5cbee02ea5bc6a2ded3ca21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Third Party Advisory"], "url": "https://www.npmjs.com/package/ssh2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/cephcsi-rhel8:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/mcg-core-rhel8:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/mcg-rhel8-operator:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/ocs-must-gather-rhel8:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/ocs-operator-bundle:v4.8.5-2", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/ocs-rhel8-operator:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/rook-ceph-rhel8-operator:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}, {"advisory": "RHSA-2021:4845", "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8", "package": "ocs4/volume-replication-rhel8-operator:v4.8.5-1", "product_name": "Red Hat OpenShift Container Storage 4.8.0 on RHEL-8", "release_date": "2021-11-29T00:00:00Z"}], "bugzilla": {"description": "nodejs-ssh2: Command injection by calling vulnerable method with untrusted input", "id": "2006958", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006958"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-78", "details": ["ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0.", "A flaw was found in nodejs-ssh2. An OS command injection attack on Windows allows an attacker to perform remote code execution and potentially execute arbitrary code. The highest threat from this vulnerability is to confidentiality and integrity."], "name": "CVE-2020-26301", "package_state": [{"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "noobaa-core-container", "product_name": "Red Hat Openshift Data Foundation 4"}], "public_date": "2021-09-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-26301\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-26301\nhttps://securitylab.github.com/advisories/GHSL-2020-123-mscdex-ssh2/"], "statement": "This issue affects ssh2 as shipped with all versions of Red Hat Openshift Container Storage and Red Hat Openshift Data Foundations. However, this flaw requires a Windows based attack, and therefore, the impact is adjusted accordingly to a moderate risk.", "threat_severity": "Moderate"}