CVE-2018-1000805
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000805
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000805.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-1000805
- Aliases
- Downstream
- Related
- Published
- 2018-10-08T15:29:00.713Z
- Modified
- 2025-11-24T05:34:51.436967Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
- References
-
- https://herolab.usd.de/wp-content/uploads/sites/4/usd20180023.txt
- https://access.redhat.com/errata/RHBA-2018:3497
- https://access.redhat.com/errata/RHSA-2018:3347
- https://access.redhat.com/errata/RHSA-2018:3406
- https://access.redhat.com/errata/RHSA-2018:3505
- https://github.com/paramiko/paramiko/issues/1283
- https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html
- https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html
- https://usn.ubuntu.com/3796-1/
- https://usn.ubuntu.com/3796-2/
- https://usn.ubuntu.com/3796-3/