VDB
CISA-2023-51385
CISA-2023-51385
PUBLISHED
CVSS 6.5 MEDIUM
Reported by mitre · Published December 18, 2023
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, * |
Timeline
- Dec 18, 2023 CVE Published
- Dec 18, 2025 CVE Updated
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
References
- DSA-5586 vendor-advisory
- [debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update mailing-list
- [oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling mailing-list
- GLSA-202312-17 vendor-advisory
- 20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4 mailing-list
- http://www.openwall.com/lists/oss-security/2025/10/07/1 url
- http://www.openwall.com/lists/oss-security/2025/10/12/1 url