CVE-2019-6110

ADVISORY - nist

Summary

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

EPSS Score⁠: 0.00418 (0.746)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-838⁠

Inappropriate Encoding for Output Context

ADVISORY - redhat

CWE-451⁠

User Interface (UI) Misrepresentation of Critical Information

Impacted images

Advisories

NIST

CREATED

6 years ago

UPDATED

2 years ago

ADVISORY IDCVE-2019-6110⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-838⁠

CVSS SCORE

6.8medium

Debian

CREATED

6 years ago

UPDATED

2 days ago

ADVISORY IDCVE-2019-6110⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

6 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2019-6110⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.8low

Red Hat

CREATED

6 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2019-6110⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-451⁠

CVSS SCORE

3.1low

SUSE

CREATED

6 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2019-6110⁠

EXPLOITABILITY SCORE

2.1

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.6medium

intheWild

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2019-6110⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

vulncheck

CREATED

4 years ago

UPDATED

5 months ago

ADVISORY ID

CVE-2019-6110

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY