VDB
CVE-2025-5449
CVE-2025-5449
PUBLISHED
CVSS 8.699999809265137 HIGH
libssh ist eine C Bibliothek für das Anbieten von SSH Diensten auf Client- und Serverseite. Sie kann genutzt werden, um aus der Ferne Programme auszuführen, Dateien zu übertragen oder als sicherer und transparenter Tunnel für entfernte Programme genutzt werden.
EPSS 0.52% · 67.2th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.52%
67.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8.8 | |
| IBM | IBM Security Verify Access <10.0.9.1 | |
| Red Hat | Red Hat OpenShift Container Platform <4.20.12 | |
| IBM | IBM QRadar SIEM <7.5.0 UP14 IF03 | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux | |
| NetApp | NetApp ActiveIQ Unified Manager for VMware vSphere | |
| Open Source | Open Source libssh <0.11.2 | |
| Dell | Dell NetWorker Virtual Edition | |
| NetApp | NetApp AFF Baseboard Management Controller | |
| Dell | Dell Avamar | |
| Meinberg | Meinberg LANTIME <7.08.025 | |
| NetApp | NetApp FAS Baseboard Management Controller | |
| Red Hat | Red Hat OpenShift Container Platform <4.17.43 | |
| IBM | IBM App Connect Enterprise <12.16.0 | |
| Fedora | Fedora Linux | |
| Dell | Dell Secure Connect Gateway Appliance <5.32.00.18 | |
| IBM | IBM App Connect Enterprise <12.0.16 | |
| Red Hat | Red Hat Enterprise Linux | |
| RESF | RESF Rocky Linux |
…and 2 more
Exploit Intelligence
- CIRCL seen: CVE-2025-5449 (circl-sighting)
- CIRCL seen: CVE-2025-5449 (circl-sighting)
- https://access.redhat.com/security/cve/CVE-2025-5449 (circl)
- RHBZ#2369705 (circl)
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=261612179f740bc62ba363d98b3bd5e5573a811f (circl)
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=3443aec90188d6aab9282afc80a81df5ab72c4da (circl)
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=5504ff40515439a5fecbb17da7483000c4d12eb7 (circl)
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=78485f446af9b30e37eb8f177b81940710d54496 (circl)
- https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=f79ec51b7fd519dbc5737a7ba826e3ed093f6ceb (circl)
- https://www.libssh.org/security/advisories/CVE-2025-5449.txt (circl)
Timeline
- CVE Published
- Jul 25, 2025 Coalition ESS Score
- Jul 25, 2025 PoC Published
- Jul 26, 2025 EPSS Score
- Jul 29, 2025 Coalition ESS Score
- Aug 4, 2025 EPSS Score
- Aug 13, 2025 EPSS Score
- Aug 14, 2025 Coalition ESS Score
- Aug 22, 2025 EPSS Score
- Aug 22, 2025 Coalition ESS Score
- Aug 26, 2025 Coalition ESS Score
- Aug 31, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1423.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1423 advisory
- https://www.libssh.org/2025/06/24/libssh-0-11-2-security-and-bugfix-release/ advisory
- https://seclists.org/oss-sec/2025/q2/284 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-July/021759.html advisory
- https://ubuntu.com/security/notices/USN-7619-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-July/021789.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-July/021791.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-July/021792.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2025-18e8506d3a advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-August/022132.html advisory
- https://ubuntu.com/security/notices/USN-7696-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-August/022231.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-August/022366.html advisory
- https://www.ibm.com/support/pages/node/7246875 advisory
- https://access.redhat.com/errata/RHSA-2025:18231 advisory
- https://linux.oracle.com/errata/ELSA-2025-18275.html advisory
- https://errata.build.resf.org/RLSA-2025:18275 advisory
- https://access.redhat.com/errata/RHSA-2025:18286 advisory
- https://errata.build.resf.org/RLSA-2025:18231 advisory
…and 49 more