Paramiko SSH Server Incorrect Access Control Vulnerability

Paramiko SSH Server Incorrect Access Control Vulnerability

CVE-2018-1000805 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.

Learn more about our Cis Benchmark Audit For Server Software.