Vulnerability Details : CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
Vulnerability category: Gain privilege
Threat overview for CVE-2021-41617
Top countries where our scanners detected CVE-2021-41617
Top open port discovered on systems with this issue
22
IPs affected by CVE-2021-41617 34,751,184
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2021-41617!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2021-41617
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 21 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2021-41617
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST |
|
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
References for CVE-2021-41617
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
[SECURITY] Fedora 35 Update: openssh-8.7p1-2.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://www.openwall.com/lists/oss-security/2021/09/26/1
oss-security - Announce: OpenSSH 8.8 releasedMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
[SECURITY] Fedora 34 Update: openssh-8.6p1-5.fc34 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuapr2022.html
Oracle Critical Patch Update Advisory - April 2022Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
[SECURITY] Fedora 33 Update: openssh-8.4p1-8.fc33 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
[SECURITY] Fedora 34 Update: openssh-8.6p1-5.fc34 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
[SECURITY] Fedora 35 Update: openssh-8.7p1-2.fc35 - package-announce - Fedora Mailing-Lists
-
https://www.openssh.com/security.html
OpenSSH: SecurityVendor Advisory
-
https://bugzilla.suse.com/show_bug.cgi?id=1190975
Bug 1190975 – VUL-0: CVE-2021-41617: openssh-openssl1,openssh: privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configuredIssue Tracking;Patch;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20211014-0004/
CVE-2021-41617 OpenSSH Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.debian.org/security/2023/dsa-5586
Debian -- Security Information -- DSA-5586-1 openssh
-
https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
[SECURITY] [DLA 3694-1] openssh security update
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
[SECURITY] Fedora 33 Update: openssh-8.4p1-8.fc33 - package-announce - Fedora Mailing-Lists
-
https://www.tenable.com/plugins/nessus/154174
OpenSSH 6.2 < 8.8 | Tenable®
-
https://www.oracle.com/security-alerts/cpujul2022.html
Oracle Critical Patch Update Advisory - July 2022Third Party Advisory
-
https://www.starwindsoftware.com/security/sw-20220805-0001/
CVE-2021-41617 sshd issue in StarWind productsThird Party Advisory
-
https://www.openssh.com/txt/release-8.8
Release Notes;Vendor Advisory
Products affected by CVE-2021-41617
- cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
- cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
- cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14398:*:*:*:*:*:*