A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.72256.

Exploitation poc

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Almalinux
  • Almalinux
Amazon
  • Amazon Linux
Apple
  • Macos
Arista
  • Eos
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Freebsd
  • Freebsd
Netapp
  • 500f
  • 500f Firmware
  • 8300
  • 8300 Firmware
  • 8700
  • 8700 Firmware
  • A150
  • A150 Firmware
  • A1k
  • A1k Firmware
  • A220
  • A220 Firmware
  • A250
  • A250 Firmware
  • A400
  • A400 Firmware
  • A70
  • A700s
  • A700s Firmware
  • A70 Firmware
  • A800
  • A800 Firmware
  • A90
  • A900
  • A900 Firmware
  • A90 Firmware
  • A9500
  • A9500 Firmware
  • Active Iq Unified Manager
  • Bootstrap Os
  • C190
  • C190 Firmware
  • C250
  • C250 Firmware
  • C400
  • C400 Firmware
  • C800
  • C800 Firmware
  • E-series Santricity Os Controller
  • Fas2720
  • Fas2720 Firmware
  • Fas2750
  • Fas2750 Firmware
  • Fas2820
  • Fas2820 Firmware
  • Hci Compute Node
  • Ontap
  • Ontap Select Deploy Administration Utility
  • Ontap Tools
Netbsd
  • Netbsd
Openbsd
  • Openssh
Redhat
  • Ceph Storage
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Arm 64
  • Enterprise Linux For Arm 64 Eus
  • Enterprise Linux For Ibm Z Systems
  • Enterprise Linux For Ibm Z Systems Eus
  • Enterprise Linux For Power Little Endian
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server Aus
  • Openshift
  • Openshift Container Platform
  • Rhel E4s
  • Rhel Eus
Sonicwall
  • Sma 6200
  • Sma 6200 Firmware
  • Sma 6210
  • Sma 6210 Firmware
  • Sma 7200
  • Sma 7200 Firmware
  • Sma 7210
  • Sma 7210 Firmware
  • Sma 8200v
  • Sma 8200v Firmware
  • Sra Ex 7000
  • Sra Ex 7000 Firmware
Suse
  • Linux Enterprise Micro

Configuration 1 [-]

AND
cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*

Configuration 5 [-]

cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 32 [-]

OR cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Configuration 33 [-]

OR cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:*

Configuration 34 [-]

OR cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*

Configuration 35 [-]

cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*

Configuration 36 [-]

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Configuration 37 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*

Configuration 38 [-]

cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*

Configuration 39 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*

Configuration 40 [-]

OR cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*

Configuration 41 [-]

cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 9
openssh-0:8.7p1-38.el9_4.1 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4312 2024-07-03T00:00:00Z
openssh-0:8.7p1-38.el9_4.1 cpe:/o:redhat:enterprise_linux:9 RHSA-2024:4312 2024-07-03T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
openssh-0:8.7p1-12.el9_0.1 cpe:/a:redhat:rhel_e4s:9.0 RHSA-2024:4389 2024-07-08T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
openssh-0:8.7p1-30.el9_2.4 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:4340 2024-07-05T00:00:00Z
Red Hat OpenShift Container Platform 4.13
rhcos-413.92.202407091321-0 cpe:/a:redhat:openshift:4.13::el9 RHSA-2024:4484 2024-07-17T00:00:00Z
Red Hat OpenShift Container Platform 4.14
rhcos-414.92.202407091253-0 cpe:/a:redhat:openshift:4.14::el9 RHSA-2024:4479 2024-07-17T00:00:00Z
Red Hat OpenShift Container Platform 4.15
rhcos-415.92.202407091355-0 cpe:/a:redhat:openshift:4.15::el9 RHSA-2024:4474 2024-07-18T00:00:00Z
Red Hat OpenShift Container Platform 4.16
rhcos-416.94.202407081958-0 cpe:/a:redhat:openshift:4.16::el9 RHSA-2024:4469 2024-07-16T00:00:00Z

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections. 1) As root user, open the /etc/ssh/sshd_config 2) Add or edit the parameter configuration: ~~~ LoginGraceTime 0 ~~~ 3) Save and close the file 4) Restart the sshd daemon: ~~~ systemctl restart sshd.service ~~~ Setting LoginGraceTime to 0 disables the SSHD server's ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like 'fail2ban' alongside a firewall to monitor log files and manage connections appropriately. If any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.

References
Link Providers
http://seclists.org/fulldisclosure/2024/Jul/18 cve-icon
http://seclists.org/fulldisclosure/2024/Jul/19 cve-icon
http://seclists.org/fulldisclosure/2024/Jul/20 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/01/12 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/01/13 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/02/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/11 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/4 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/03/5 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/04/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/04/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/08/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/08/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/09/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/09/5 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/4 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/10/6 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/11/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/11/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/23/4 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/23/6 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/28/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/07/28/3 cve-icon
https://access.redhat.com/errata/RHSA-2024:4312 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4340 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4389 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4469 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4474 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4479 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4484 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-6387 cve-icon cve-icon
https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/ cve-icon
https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/ cve-icon
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2294604 cve-icon cve-icon
https://explore.alas.aws.amazon.com/CVE-2024-6387.html cve-icon
https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132 cve-icon
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc cve-icon
https://github.com/AlmaLinux/updates/issues/629 cve-icon
https://github.com/Azure/AKS/issues/4379 cve-icon
https://github.com/PowerShell/Win32-OpenSSH/discussions/2248 cve-icon
https://github.com/PowerShell/Win32-OpenSSH/issues/2249 cve-icon
https://github.com/microsoft/azurelinux/issues/9555 cve-icon
https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09 cve-icon
https://github.com/oracle/oracle-linux/issues/149 cve-icon
https://github.com/rapier1/hpn-ssh/issues/87 cve-icon
https://github.com/zgzhang/cve-2024-6387-poc cve-icon
https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/ cve-icon
https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html cve-icon
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html cve-icon
https://news.ycombinator.com/item?id=40843778 cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-6387 cve-icon
https://packetstorm.news/files/id/190587/ cve-icon
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010 cve-icon
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html cve-icon cve-icon cve-icon
https://security-tracker.debian.org/tracker/CVE-2024-6387 cve-icon
https://security.netapp.com/advisory/ntap-20240701-0001/ cve-icon
https://sig-security.rocky.page/issues/CVE-2024-6387/ cve-icon
https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/ cve-icon
https://support.apple.com/kb/HT214118 cve-icon
https://support.apple.com/kb/HT214119 cve-icon
https://support.apple.com/kb/HT214120 cve-icon
https://ubuntu.com/security/CVE-2024-6387 cve-icon
https://ubuntu.com/security/notices/USN-6859-1 cve-icon
https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do cve-icon
https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-6387 cve-icon
https://www.exploit-db.com/exploits/52269 cve-icon
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc cve-icon
https://www.openssh.com/txt/release-9.8 cve-icon cve-icon cve-icon
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt cve-icon cve-icon cve-icon
https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html cve-icon
https://www.suse.com/security/cve/CVE-2024-6387.html cve-icon
https://www.theregister.com/2024/07/01/regresshion_openssh/ cve-icon
https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387 cve-icon
History

Tue, 30 Sep 2025 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Almalinux
Almalinux almalinux
Amazon amazon Linux
Apple
Apple macos
Arista
Arista eos
Netapp 500f
Netapp 500f Firmware
Netapp 8300
Netapp 8300 Firmware
Netapp 8700
Netapp 8700 Firmware
Netapp a150
Netapp a150 Firmware
Netapp a1k
Netapp a1k Firmware
Netapp a220
Netapp a220 Firmware
Netapp a250
Netapp a250 Firmware
Netapp a400
Netapp a400 Firmware
Netapp a70
Netapp a700s
Netapp a700s Firmware
Netapp a70 Firmware
Netapp a800
Netapp a800 Firmware
Netapp a90
Netapp a900
Netapp a900 Firmware
Netapp a90 Firmware
Netapp a9500
Netapp a9500 Firmware
Netapp active Iq Unified Manager
Netapp bootstrap Os
Netapp c190
Netapp c190 Firmware
Netapp c250
Netapp c250 Firmware
Netapp c400
Netapp c400 Firmware
Netapp c800
Netapp c800 Firmware
Netapp fas2720
Netapp fas2720 Firmware
Netapp fas2750
Netapp fas2750 Firmware
Netapp fas2820
Netapp fas2820 Firmware
Netapp hci Compute Node
Netapp ontap
Sonicwall
Sonicwall sma 6200
Sonicwall sma 6200 Firmware
Sonicwall sma 6210
Sonicwall sma 6210 Firmware
Sonicwall sma 7200
Sonicwall sma 7200 Firmware
Sonicwall sma 7210
Sonicwall sma 7210 Firmware
Sonicwall sma 8200v
Sonicwall sma 8200v Firmware
Sonicwall sra Ex 7000
Sonicwall sra Ex 7000 Firmware
CPEs cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*
cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*
cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*
Vendors & Products Amazon linux 2023
Almalinux
Almalinux almalinux
Amazon amazon Linux
Apple
Apple macos
Arista
Arista eos
Netapp 500f
Netapp 500f Firmware
Netapp 8300
Netapp 8300 Firmware
Netapp 8700
Netapp 8700 Firmware
Netapp a150
Netapp a150 Firmware
Netapp a1k
Netapp a1k Firmware
Netapp a220
Netapp a220 Firmware
Netapp a250
Netapp a250 Firmware
Netapp a400
Netapp a400 Firmware
Netapp a70
Netapp a700s
Netapp a700s Firmware
Netapp a70 Firmware
Netapp a800
Netapp a800 Firmware
Netapp a90
Netapp a900
Netapp a900 Firmware
Netapp a90 Firmware
Netapp a9500
Netapp a9500 Firmware
Netapp active Iq Unified Manager
Netapp bootstrap Os
Netapp c190
Netapp c190 Firmware
Netapp c250
Netapp c250 Firmware
Netapp c400
Netapp c400 Firmware
Netapp c800
Netapp c800 Firmware
Netapp fas2720
Netapp fas2720 Firmware
Netapp fas2750
Netapp fas2750 Firmware
Netapp fas2820
Netapp fas2820 Firmware
Netapp hci Compute Node
Netapp ontap
Sonicwall
Sonicwall sma 6200
Sonicwall sma 6200 Firmware
Sonicwall sma 6210
Sonicwall sma 6210 Firmware
Sonicwall sma 7200
Sonicwall sma 7200 Firmware
Sonicwall sma 7210
Sonicwall sma 7210 Firmware
Sonicwall sma 8200v
Sonicwall sma 8200v Firmware
Sonicwall sra Ex 7000
Sonicwall sra Ex 7000 Firmware

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.55627}

 epss

{'score': 0.63456}

Wed, 21 May 2025 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10

Thu, 24 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
References

Sun, 24 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 19 Aug 2024 08:30:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-07-24T13:11:10.801Z

Reserved: 2024-06-27T13:41:03.421Z

Link: CVE-2024-6387

cve-icon Vulnrichment

Updated: 2025-04-24T18:35:27.934Z

cve-icon NVD

Status : Analyzed

Published: 2024-07-01T13:15:06.467

Modified: 2025-09-30T13:52:23.540

Link: CVE-2024-6387

cve-icon Redhat

Severity : Important

Publid Date: 2024-07-01T08:00:00Z

Links: CVE-2024-6387 - Bugzilla

cve-icon OpenCVE Enrichment

No data.