An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."
References
Configurations
History
22 Dec 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Dec 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Dec 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack." |
18 Dec 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka "Rogue Extension Negotiation." | |
References |
|
26 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-14 03:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-46446
Mitre link : CVE-2023-46446
CVE.ORG link : CVE-2023-46446
JSON object : View
Products Affected
asyncssh_project
- asyncssh
CWE
CWE-639
Authorization Bypass Through User-Controlled Key