CVE-2018-7750
CRITICAL9.8EPSS 13.8%Paramiko not properly checking authentication before processing other requests
Published: 7/12/2018Modified: 4/28/2026
Description
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
Affected packages (4)
- Alpine/py3-paramikofrom 0, < 2.4.1-r0
- Debian/paramikofrom 0, < 2.4.2-0.1
- PyPI/paramiko>= 2.0.0, < 2.0.8
- PyPI/paramikofrom 0, < fa29bd8446c8eab237f5187d28787727b4610516 | from 0, < 1.17.6, >= 2.0.0, < 2.0.8, >= 2.1.0, < 2.1.5, >= 2.2.0, < 2.2.3, >= 2.3.0, < 2.3.2, >= 1.18.0, < 1.18.5
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References (30)
- ADVISORYhttps://github.com/advisories/GHSA-232r-66cg-79px
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-7750
- ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2018-7750
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-7750
- PATCHhttps://github.com/paramiko/paramiko
- WEBhttps://access.redhat.com/errata/RHSA-2018:0591
- WEBhttps://access.redhat.com/errata/RHSA-2018:0646
- WEBhttps://access.redhat.com/errata/RHSA-2018:1124
- WEBhttps://access.redhat.com/errata/RHSA-2018:1125
- WEBhttps://access.redhat.com/errata/RHSA-2018:1213
- WEBhttps://access.redhat.com/errata/RHSA-2018:1274
- WEBhttps://access.redhat.com/errata/RHSA-2018:1328
- WEBhttps://access.redhat.com/errata/RHSA-2018:1525
- WEBhttps://access.redhat.com/errata/RHSA-2018:1972
- WEBhttps://github.com/paramiko/paramiko/blob/e861c7697622774071ce73b46ffe8817eacdedfa/sites/www/changelog.rst?plain=1#L759-L763
- WEBhttps://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst
- WEBhttps://github.com/paramiko/paramiko/commit/e9dfd854bdaf8af15d7834f7502a0451d217bb8c
- WEBhttps://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516
- WEBhttps://github.com/paramiko/paramiko/issues/1175
- WEBhttps://github.com/pypa/advisory-database/tree/main/vulns/paramiko/PYSEC-2018-19.yaml
- WEBhttps://lists.debian.org/debian-lts-announce/2018/10/msg00018.html
- WEBhttps://lists.debian.org/debian-lts-announce/2021/12/msg00025.html
- WEBhttps://usn.ubuntu.com/3603-1
- WEBhttps://usn.ubuntu.com/3603-1/
- WEBhttps://usn.ubuntu.com/3603-2
- WEBhttps://usn.ubuntu.com/3603-2/
- WEBhttps://web.archive.org/web/20190831123128/http://www.securityfocus.com/bid/103713
- WEBhttps://www.exploit-db.com/exploits/45712
- WEBhttps://www.exploit-db.com/exploits/45712/
- WEBhttp://www.securityfocus.com/bid/103713