Vulnerability-Lookup

VDE-2024-043

Vulnerability from csaf_welotecgmbh - Published: 2024-08-22 06:00 - Updated: 2024-08-22 06:00

Summary

Welotec: Multiple products are vulnerable to regreSSHion

Notes

Summary: Products from the Edge Gateway Family are affected by recently published so called RegreSSHion vulnerability.

Impact: The vulnerability can lead to unauthenticated remote code execution.

Mitigation: Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information

Remediation: Update egOS on affected products to version v1.5.4

CVE-2024-6387

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Mitigation Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information

Vendor Fix Update egOS on affected products to version v1.5.4

Affected products

Fixed 21 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—
Unresolved product id: CSAFPID-32003		—
Unresolved product id: CSAFPID-32004		—
Unresolved product id: CSAFPID-32005		—
Unresolved product id: CSAFPID-32006		—
Unresolved product id: CSAFPID-32007		—
Unresolved product id: CSAFPID-32008		—
Unresolved product id: CSAFPID-32009		—
Unresolved product id: CSAFPID-32010		—
Unresolved product id: CSAFPID-32011		—
Unresolved product id: CSAFPID-32012		—
Unresolved product id: CSAFPID-32013		—
Unresolved product id: CSAFPID-32014		—
Unresolved product id: CSAFPID-32015		—
Unresolved product id: CSAFPID-32016		—
Unresolved product id: CSAFPID-32017		—
Unresolved product id: CSAFPID-32018		—
Unresolved product id: CSAFPID-32019		—
Unresolved product id: CSAFPID-32020		—
Unresolved product id: CSAFPID-32021		—

Known affected 21 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—
Unresolved product id: CSAFPID-31009		—
Unresolved product id: CSAFPID-31010		—
Unresolved product id: CSAFPID-31011		—
Unresolved product id: CSAFPID-31012		—
Unresolved product id: CSAFPID-31013		—
Unresolved product id: CSAFPID-31014		—
Unresolved product id: CSAFPID-31015		—
Unresolved product id: CSAFPID-31016		—
Unresolved product id: CSAFPID-31017		—
Unresolved product id: CSAFPID-31018		—
Unresolved product id: CSAFPID-31019		—
Unresolved product id: CSAFPID-31020		—
Unresolved product id: CSAFPID-31021		—

References

4 references

URL	Category
https://certvde.com/en/advisories/VDE-2024-043/	self
https://welotec.csaf-tp.certvde.com/.well-known/c…	self
https://welotec.com	external
https://certvde.com/en/advisories/vendor/welotec/	external

Acknowledgments

CERT@VDE certvde.com

Qualys Threat Research Unit (TRU)

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "organization": "Qualys Threat Research Unit (TRU)",
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Products from the Edge Gateway Family are affected by recently published so called RegreSSHion vulnerability.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The vulnerability can lead to unauthenticated remote code execution.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Update egOS on affected products to version v1.5.4",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@welotec.com",
      "name": "Welotec GmbH",
      "namespace": "https://welotec.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2024-043: Welotec: Multiple products are vulnerable to regreSSHion - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-043/"
      },
      {
        "category": "self",
        "summary": "VDE-2024-043: Welotec: Multiple products are vulnerable to regreSSHion - CSAF",
        "url": "https://welotec.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-043.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://welotec.com"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Welotec GmbH",
        "url": "https://certvde.com/en/advisories/vendor/welotec/"
      }
    ],
    "title": "Welotec: Multiple products are vulnerable to regreSSHion",
    "tracking": {
      "aliases": [
        "VDE-2024-043"
      ],
      "current_release_date": "2024-08-22T06:00:00.000Z",
      "generator": {
        "date": "2025-04-14T08:39:21.553Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.23"
        }
      },
      "id": "VDE-2024-043",
      "initial_release_date": "2024-08-22T06:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-08-22T06:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "EG500Mk2-A11001-000101",
                "product": {
                  "name": "EG500Mk2-A11001-000101",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100170"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-A11001-000201",
                "product": {
                  "name": "EG500Mk2-A11001-000201",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100290"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-A11101-000101",
                "product": {
                  "name": "EG500Mk2-A11101-000101",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100160"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-A12011-000101",
                "product": {
                  "name": "EG500Mk2-A12011-000101",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100280"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-B11001-000101",
                "product": {
                  "name": "EG500Mk2-B11001-000101",
                  "product_id": "CSAFPID-11005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100190"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-B11101-000101",
                "product": {
                  "name": "EG500Mk2-B11101-000101",
                  "product_id": "CSAFPID-11006",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100180"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-C11001-000101",
                "product": {
                  "name": "EG500Mk2-C11001-000101",
                  "product_id": "CSAFPID-11007",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100270"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG500Mk2-C11101-000101",
                "product": {
                  "name": "EG500Mk2-C11101-000101",
                  "product_id": "CSAFPID-11008",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100260"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG503L",
                "product": {
                  "name": "EG503L",
                  "product_id": "CSAFPID-11009",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100020"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG503L_4GB",
                "product": {
                  "name": "EG503L_4GB",
                  "product_id": "CSAFPID-11010",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100040"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG503L-G",
                "product": {
                  "name": "EG503L-G",
                  "product_id": "CSAFPID-11011",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100130"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG503W",
                "product": {
                  "name": "EG503W",
                  "product_id": "CSAFPID-11012",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100010"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG503W_4GB",
                "product": {
                  "name": "EG503W_4GB",
                  "product_id": "CSAFPID-11013",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG500100030"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG602L",
                "product": {
                  "name": "EG602L",
                  "product_id": "CSAFPID-11014",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG600100020"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG602W",
                "product": {
                  "name": "EG602W",
                  "product_id": "CSAFPID-11015",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG600100010"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG603L Mk2",
                "product": {
                  "name": "EG603L Mk2",
                  "product_id": "CSAFPID-11016",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG600100050"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG603W Mk2",
                "product": {
                  "name": "EG603W Mk2",
                  "product_id": "CSAFPID-11017",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG600100040"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG802W",
                "product": {
                  "name": "EG802W",
                  "product_id": "CSAFPID-11018",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG800100010"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG802W_i7_512GB_DinRail",
                "product": {
                  "name": "EG802W_i7_512GB_DinRail",
                  "product_id": "CSAFPID-11019",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG800100040"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG802W_i7_512GB_w/o DinRail",
                "product": {
                  "name": "EG802W_i7_512GB_w/o DinRail",
                  "product_id": "CSAFPID-11020",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG800100050"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EG804W",
                "product": {
                  "name": "EG804W",
                  "product_id": "CSAFPID-11021",
                  "product_identification_helper": {
                    "model_numbers": [
                      "WEG800100020"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=v1.5.3",
                "product": {
                  "name": "Firmware \u003c=v1.5.3",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "v1.5.4",
                "product": {
                  "name": "Firmware v1.5.4",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Welotec"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014",
          "CSAFPID-32015",
          "CSAFPID-32016",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A11001-000101",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A11001-000201",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A11101-000101",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A12011-000101",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-B11001-000101",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-B11101-000101",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-C11001-000101",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-C11101-000101",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG503L",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG503L_4GB",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG503L-G",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG503W",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG503W_4GB",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG602L",
          "product_id": "CSAFPID-31014"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG602W",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG603L Mk2",
          "product_id": "CSAFPID-31016"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG603W Mk2",
          "product_id": "CSAFPID-31017"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG802W",
          "product_id": "CSAFPID-31018"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG802W_i7_512GB_DinRail",
          "product_id": "CSAFPID-31019"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG802W_i7_512GB_w/o DinRail",
          "product_id": "CSAFPID-31020"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=v1.5.3 installed on EG804W",
          "product_id": "CSAFPID-31021"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11021"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-A11001-000101",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-A11001-000201",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-A11101-000101",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-A12011-000101",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-B11001-000101",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-B11101-000101",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-C11001-000101",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG500Mk2-C11101-000101",
          "product_id": "CSAFPID-32008"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG503L",
          "product_id": "CSAFPID-32009"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG503L_4GB",
          "product_id": "CSAFPID-32010"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG503L-G",
          "product_id": "CSAFPID-32011"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG503W",
          "product_id": "CSAFPID-32012"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG503W_4GB",
          "product_id": "CSAFPID-32013"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG602L",
          "product_id": "CSAFPID-32014"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG602W",
          "product_id": "CSAFPID-32015"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG603L Mk2",
          "product_id": "CSAFPID-32016"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG603W Mk2",
          "product_id": "CSAFPID-32017"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG802W",
          "product_id": "CSAFPID-32018"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG802W_i7_512GB_DinRail",
          "product_id": "CSAFPID-32019"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG802W_i7_512GB_w/o DinRail",
          "product_id": "CSAFPID-32020"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v1.5.4 installed on EG804W",
          "product_id": "CSAFPID-32021"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11021"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6387",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014",
          "CSAFPID-32015",
          "CSAFPID-32016",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update egOS on affected products to version v1.5.4",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021"
          ]
        }
      ],
      "title": "CVE-2024-6387"
    }
  ]
}

CVE-2024-6387 (GCVE-0-2024-6387)

Vulnerability from cvelistv5 – Published: 2024-07-01 12:37 – Updated: 2026-05-12 11:39

Title

Openssh: regresshion - race condition in ssh allows rce/dos

Summary

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-364 - Signal Handler Race Condition

Assigner

redhat

References

12 references

URL	Tags
https://access.redhat.com/errata/RHSA-2024:4312	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4340	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4389	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4469	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4474	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4479	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4484	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6387	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2294604	issue-trackingx_refsource_REDHAT
https://santandersecurityresearch.github.io/blog/…
https://www.openssh.com/txt/release-9.8
https://www.qualys.com/2024/07/01/cve-2024-6387/r…

Impacted products

16 products

Vendor	Product	Version
		Affected: 8.5p1 , ≤ 9.7p1 (custom)
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-38.el9_4.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-38.el9_4.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:8.7p1-12.el9_0.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:8.7p1-30.el9_2.4 , < * (rpm) cpe:/o:redhat:rhel_eus:9.2::baseos cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 413.92.202407091321-0 , < * (rpm) cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 414.92.202407091253-0 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 415.92.202407091355-0 , < * (rpm) cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: 416.94.202407081958-0 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat Ceph Storage 5	cpe:/a:redhat:ceph_storage:5
Red Hat	Red Hat Ceph Storage 6	cpe:/a:redhat:ceph_storage:6
Red Hat	Red Hat Ceph Storage 7	cpe:/a:redhat:ceph_storage:7
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Date Public ?

2024-07-01 08:00

Credits

Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6387",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-02T13:18:34.695298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T13:18:46.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-24T18:35:27.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
          },
          {
            "url": "https://www.exploit-db.com/exploits/52269"
          },
          {
            "url": "https://packetstorm.news/files/id/190587/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
          },
          {
            "name": "RHSA-2024:4312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4312"
          },
          {
            "name": "RHSA-2024:4340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4340"
          },
          {
            "name": "RHSA-2024:4389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4389"
          },
          {
            "name": "RHSA-2024:4469",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4469"
          },
          {
            "name": "RHSA-2024:4474",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4474"
          },
          {
            "name": "RHSA-2024:4479",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4479"
          },
          {
            "name": "RHSA-2024:4484",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4484"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
          },
          {
            "name": "RHBZ#2294604",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/AlmaLinux/updates/issues/629"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Azure/AKS/issues/4379"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/azurelinux/issues/9555"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/oracle/oracle-linux/issues/149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rapier1/hpn-ssh/issues/87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/zgzhang/cve-2024-6387-poc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=40843778"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6859-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214119"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214118"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214120"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "Industrial Edge Management OS (IEM-OS)",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SINAMICS IIoT module",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V1.0 HF1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SINEMA Remote Connect Server",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.2 SP2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SINUMERIK ONE",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V6.24",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:39:26.672Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-446545.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.7p1",
              "status": "affected",
              "version": "8.5p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-12.el9_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-30.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202407091321-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202407091253-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202407091355-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202407081958-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-01T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-11T06:17:03.387Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4312"
        },
        {
          "name": "RHSA-2024:4340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4340"
        },
        {
          "name": "RHSA-2024:4389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4389"
        },
        {
          "name": "RHSA-2024:4469",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4469"
        },
        {
          "name": "RHSA-2024:4474",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4474"
        },
        {
          "name": "RHSA-2024:4479",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4479"
        },
        {
          "name": "RHSA-2024:4484",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4484"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
        },
        {
          "name": "RHBZ#2294604",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
        },
        {
          "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
        },
        {
          "url": "https://www.openssh.com/txt/release-9.8"
        },
        {
          "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-27T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-01T08:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Openssh: regresshion - race condition in ssh allows rce/dos",
      "workarounds": [
        {
          "lang": "en",
          "value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6387",
    "datePublished": "2024-07-01T12:37:25.431Z",
    "dateReserved": "2024-06-27T13:41:03.421Z",
    "dateUpdated": "2026-05-12T11:39:26.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VDE-2024-043

CVE-2024-6387 (GCVE-0-2024-6387)

Tags

Sightings

Nomenclature