VDB

CVE-2018-10933

CVE-2018-10933 PUBLISHED

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

EPSS 78.33% · 99.0th percentile

Risk Scores

EPSS Score
78.33%
99.0th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSlibssh0, 0.6.3-3ubuntu3, 0.6.3-4.1
Ubuntu:18.04:LTSlibssh0.7.5-1, 0.8.0~20170825.94fa1e38-1, 0.8.0~20170825.94fa1e38-1build1
Ubuntu:14.04:LTSlibssh0, 0.5.4-1, 0.6.1-0ubuntu2

Exploit Intelligence

…and 516 more exploits

Timeline

  • Oct 16, 2018 CVE Published
  • Oct 19, 2018 PoC Published
  • Oct 19, 2018 PoC Published
  • Apr 14, 2021 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Jun 14, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
  • Oct 11, 2023 EPSS Score
  • Nov 15, 2023 EPSS Score
  • Dec 22, 2023 EPSS Score
  • Apr 18, 2024 EPSS Score
  • Dec 17, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›