CVE-2024-41909

Apache MINA SSHD: integrity check bypass

Severity Score

5.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

NVD
RedHat

Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with a connection for which
some security features have been downgraded or disabled, aka a Terrapin
attack

The mitigations to prevent this type of attack were implemented in Apache MINA SSHD 2.12.0, both client and server side. Users are recommended to upgrade to at least this version. Note that both the client and the server implementation must have mitigations applied against this issue, otherwise the connection may still be affected.

A flaw was found in Apache MINA SSHD. This flaw allows an attacker who can intercept traffic between the client and server to drop certain packets from the stream. This potentially causes a Terrapin attack where the client and server consequently end up with a connection for which some security features have been downgraded or disabled.

*Credits: Fabian Bäumer

CVSS Scores

Red Hatv3.1 5.9

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-23 CVE Reserved
2024-08-12 CVE Published
2024-08-31 EPSS Updated
2024-10-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-354: Improper Validation of Integrity Check Value

CAPEC

References (4)

URL	Tag	Source
https://github.com/apache/mina-sshd/issues/445	Issue Tracking

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://lists.apache.org/thread/vwf1ot8wx1njyy8n19j5j2tcnjnozt3b	2024-08-12
https://access.redhat.com/security/cve/CVE-2024-41909	2024-03-06
https://bugzilla.redhat.com/show_bug.cgi?id=2304442	2024-03-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Software Foundation Search vendor "Apache Software Foundation"		Apache MINA SSHD Search vendor "Apache Software Foundation" for product "Apache MINA SSHD"				<= 2.11.0 Search vendor "Apache Software Foundation" for product "Apache MINA SSHD" and version " <= 2.11.0"		en		Affected