CVE-2023-28531

Common Vulnerabilities and Exposures

Last Post by kajal 1 year ago

2 Posts

2 Users

0 Reactions

1,140 Views

RSS

Ivan Lon

(@ivan)

Posts: 93

Trusted Member

Topic starter

Description:-

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

References

Posted : 07/05/2024 4:23 pm

kajal

(@kajal)

Posts: 303

Reputable Member

A vulnerability disclosed under CVE-2023-28531 states that ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. Exploiting this vulnerability could lead to the disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Posted : 15/10/2024 10:18 pm

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed