{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-46446", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T20:45:42.126Z", "dateReserved": "2023-10-23T00:00:00", "datePublished": "2023-11-14T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-12-22T20:06:15.856819"}, "descriptions": [{"lang": "en", "value": "An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a \"Rogue Session Attack.\""}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm"}, {"name": "FEDORA-2023-d2956318e4", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/"}, {"url": "https://www.terrapin-attack.com"}, {"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"}, {"url": "https://github.com/advisories/GHSA-c35q-ffpf-5qpm"}, {"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"}, {"url": "https://security.netapp.com/advisory/ntap-20231222-0001/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:45:42.126Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm", "tags": ["x_transferred"]}, {"name": "FEDORA-2023-d2956318e4", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/"}, {"url": "https://www.terrapin-attack.com", "tags": ["x_transferred"]}, {"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", "tags": ["x_transferred"]}, {"url": "https://github.com/advisories/GHSA-c35q-ffpf-5qpm", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20231222-0001/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CCE165C-9A45-4A7B-95AF-2DF9137B4075", "versionEndExcluding": "2.14.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a \"Rogue Session Attack.\""}, {"lang": "es", "value": "Un problema en AsyncSSH v2.14.0 y versiones anteriores permite a los atacantes controlar el final remoto de una sesi\u00f3n de cliente SSH mediante inyecci\u00f3n/eliminaci\u00f3n de paquetes y emulaci\u00f3n de shell."}], "id": "CVE-2023-46446", "lastModified": "2023-12-22T20:15:07.367", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-14T03:15:09.573", "references": [{"source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"}, {"source": "cve@mitre.org", "url": "https://github.com/advisories/GHSA-c35q-ffpf-5qpm"}, {"source": "cve@mitre.org", "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20231222-0001/"}, {"source": "cve@mitre.org", "url": "https://www.terrapin-attack.com"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "python-asyncssh: Rogue Session Attack", "id": "2250329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250329"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "status": "draft"}, "cwe": "CWE-345->CWE-349->CWE-354->CWE-359", "details": ["An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a \"Rogue Session Attack.\"", "A flaw was found in python-synch before the 2.14.1 versions, where the client can log in to the attacker's account without the client being able to detect this. This flaw allows an attacker to control the remote end of the SSH session completely, resulting in a complete break of the confidentiality and integrity of the secure channel, which could cause more issues depending on the application logic implemented by the AsyncSSH server."], "name": "CVE-2023-46446", "package_state": [{"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "python-asyncssh", "product_name": "Red Hat Ceph Storage 6"}], "public_date": "2023-11-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-46446\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-46446\nhttps://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm"], "threat_severity": "Moderate", "upstream_fix": "python-asyncssh 2.14.1"}