CVE-2021-41617
AST
High · Confirmed · Exploit available


CVSS
7.0
High
EPSS
0.02
p81
Published
2021-01-01
Updated
2021-01-01
Description

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

Tags · CWE
CWE-273
Affected products
Openquantumsafe-openssh, Openquantumsafe-openssh-askpass-common, Openquantumsafe-openssh-clients, Openquantumsafe-openssh-common, Openquantumsafe-openssh-keysign, Openquantumsafe-openssh-server, Openquantumsafe-openssh-server-control, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh, Openssh
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Timeline
2021-01-01
Published
2021-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: H
High (H)
Privileges Required
PR: L
Low (L)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.024 · p81
Known exploited (KEV)
No
Known exploits — Сканер-ВС
CVE-2021-41617
github-poc · https://github.com/AdnanApriliyansyahh/CVE-2021-41617
Enterprise
Affected products
Product | Vendor | Status
openquantumsafe-openssh | | Tracked
openquantumsafe-openssh-askpass-common | | Tracked
openquantumsafe-openssh-clients | | Tracked
openquantumsafe-openssh-common | | Tracked
openquantumsafe-openssh-keysign | | Tracked
openquantumsafe-openssh-server | | Tracked
openquantumsafe-openssh-server-control | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
openssh | | Tracked
Showing first 20 of 53
Source databases
AST
DEB
CVE
RED
UBU