libssh libssh CVE-2018-10933 vulnerability in Libssh and Other Products
Published on October 17, 2018

product logo product logo product logo product logo product logo product logo
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

DEPRECATED: Authentication Bypass Issues

This weakness has been deprecated because it covered redundant concepts already described in CWE-287.


Products Associated with CVE-2018-10933

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-10933 are published in these products:

Libssh
 
NetApp Oncommand Unified Manager
 
NetApp Oncommand Workflow Automation
 
NetApp Snapcenter
 
NetApp Storage Automation Store
 
Oracle Mysql Workbench
 
Canonical Ubuntu Linux
 
Debian Linux
 
Red Hat Enterprise Linux (RHEL)
 

Affected Versions

[UNKNOWN] libssh:

Exploit Probability

EPSS
78.33%
Percentile
99.00%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.