CVE-2018-15473

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

Published: Aug 17, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-15473
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-362

Affected Software
References

Software	From	Fixed in
openbsd / openssh	-	7.7.x
debian / debian_linux	8.0	8.0.x
debian / debian_linux	9.0	9.0.x
redhat / enterprise_linux_desktop	7.0	7.0.x
redhat / enterprise_linux_workstation	7.0	7.0.x
redhat / enterprise_linux_server	7.0	7.0.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	14.04	14.04.x
canonical / ubuntu_linux	18.04	18.04.x
netapp / oncommand_unified_manager	9.4	9.4.x
netapp / virtual_storage_console	7.2	7.2.x
netapp / vasa_provider	7.2	7.2.x
netapp / storage_replication_adapter	7.2	7.2.x
oracle / sun_zfs_storage_appliance_kit	8.8.6	8.8.6.x
siemens / scalance_x204rna_firmware	-	3.2.7

Vulnerability Database

289,599

CVE-2018-15473