CVE-2018-20685 vulnerability in NetApp and Other Products
Published on January 10, 2019

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-20685

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-20685 are published in these products:

NetApp Cloud Backup

NetApp Element Software

NetApp Ontap Select Deploy

NetApp Steelstore Cloud Integrated Storage

NetApp Storage Automation Store

OpenBSD OpenSSH

Winscp

Canonical Ubuntu Linux

Debian Linux

Oracle Solaris

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Eus

Red Hat Enterprise Linux Server Tus

Red Hat Enterprise Linux Server Aus

Exploit Probability

EPSS

3.38%

Percentile

86.94%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-20685 vulnerability in NetApp and Other ProductsPublished on January 10, 2019

Products Associated with CVE-2018-20685

Exploit Probability

CVE-2018-20685 vulnerability in NetApp and Other Products
Published on January 10, 2019