// For flags

CVE-2019-6110

OpenSSH SCP Client - Write Arbitrary Files

Severity Score

6.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

En OpenSSH 7.9, debido a la aceptación y la nuestra de salidas stderr arbitrarias del servidor, un servidor malicioso (o atacante Man-in-the-Middle) puede manipular la salida del cliente, por ejemplo, para emplear códigos de control de ANSI para ocultar los archivos adicionales que se están transfiriendo.

SCP clients have an issue where additional files can be copied over without your knowledge.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-01-10 CVE Reserved
  • 2019-01-11 First Exploit
  • 2019-01-16 CVE Published
  • 2024-06-23 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-838: Inappropriate Encoding for Output Context
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
Scalance X204rna Firmware
Search vendor "Siemens" for product "Scalance X204rna Firmware"
< 3.2.7
Search vendor "Siemens" for product "Scalance X204rna Firmware" and version " < 3.2.7"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204rna
Search vendor "Siemens" for product "Scalance X204rna"
--
Safe
Siemens
Search vendor "Siemens"
Scalance X204rna Eec Firmware
Search vendor "Siemens" for product "Scalance X204rna Eec Firmware"
< 3.2.7
Search vendor "Siemens" for product "Scalance X204rna Eec Firmware" and version " < 3.2.7"
-
Affected
in Siemens
Search vendor "Siemens"
Scalance X204rna Eec
Search vendor "Siemens" for product "Scalance X204rna Eec"
--
Safe
Openbsd
Search vendor "Openbsd"
Openssh
Search vendor "Openbsd" for product "Openssh"
<= 7.9
Search vendor "Openbsd" for product "Openssh" and version " <= 7.9"
-
Affected
Winscp
Search vendor "Winscp"
Winscp
Search vendor "Winscp" for product "Winscp"
<= 5.13
Search vendor "Winscp" for product "Winscp" and version " <= 5.13"
-
Affected
Netapp
Search vendor "Netapp"
Element Software
Search vendor "Netapp" for product "Element Software"
--
Affected
Netapp
Search vendor "Netapp"
Ontap Select Deploy
Search vendor "Netapp" for product "Ontap Select Deploy"
--
Affected
Netapp
Search vendor "Netapp"
Storage Automation Store
Search vendor "Netapp" for product "Storage Automation Store"
--
Affected