AIKIDO-2024-10159

openssh is vulnerable to RCE

100

Critical

openssh

AIKIDO-2024-10159: openssh is vulnerable to RCE in versions 0.1 - 4.4 and 8.5 - 9.7.

RCE
Vuln in 0.1 - 4.4
Vuln in 8.5 - 9.7
Fixed in 9.8p1
CVE-2024-6387

TL;DR

AKA RegreSSHion. Affected versions of OpenSSH are vulnerable to an unauthenticated remote code execution vulnerability that allows an attacker to get root access on the machine.

Who does this affect?

You're affected if you are using a vulnerable version of OpenSSH and you expose your SSH server on the internet on port 22.
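
To check a fleet against the version ranges listed in this advisory, the following added example (not part of the original advisory or of OpenSSH) classifies `ssh -V` output or SSH identification banners. The function names, status labels and sample inventory are assumptions made for illustration.

```python
import re

# Affected upstream ranges as stated in this advisory, inclusive (major, minor).
AFFECTED_RANGES = [((0, 1), (4, 4)), ((8, 5), (9, 7))]

# Upstream version inside `ssh -V` output or an SSH identification banner,
# e.g. "OpenSSH_9.6p1 Ubuntu-3ubuntu13.4" or "SSH-2.0-OpenSSH_8.9p1".
VERSION_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)")


def parse_openssh_version(text):
    """Return (major, minor) or None if no OpenSSH version is present."""
    match = VERSION_RE.search(text)
    return (int(match.group(1)), int(match.group(2))) if match else None


def classify(text):
    """Classify a version string against the advisory's ranges.

    "affected-range" means the upstream number is in a listed range. Distro
    packages can carry a backported fix without changing that number, so
    confirm against the package changelog before treating it as final.
    """
    version = parse_openssh_version(text)
    if version is None:
        return "unknown"
    if any(low <= version <= high for low, high in AFFECTED_RANGES):
        return "affected-range"
    return "not-in-range"


def triage(inventory):
    """Map each host in {host: version_string} to its classification."""
    return {host: classify(text) for host, text in inventory.items()}


# Constructed sample inventory (hostnames and strings are made up).
SAMPLE_INVENTORY = {
    "bastion-1": "OpenSSH_9.6p1 Ubuntu-3ubuntu13.4, OpenSSL 3.0.13 30 Jan 2024",
    "build-7": "SSH-2.0-OpenSSH_9.8p1",
    "legacy-db": "SSH-2.0-OpenSSH_4.3p2 Debian-9",
    "router-2": "SSH-2.0-dropbear_2022.83",
    "web-3": "SSH-2.0-OpenSSH_8.4p1 Debian-5",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:10} {status}")
```

Hosts reported as `unknown` are not running a recognisable OpenSSH banner and need a separate check.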

How can it be fixed?

Disallow all traffic on port 22 except from your own IP. Upgrade OpenSSH to a patched version when one is available.

© 2024 Aikido Security BV | BE0792914919