CVE-2021-41617

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
openbsdopenssh
6.2 ≤
𝑥
< 8.8
netappactive_iq_unified_manager
-
netappclustered_data_ontap
-
netapphci_management_node
-
netappontap_select_deploy_administration_utility
-
netappsolidfire
-
netappaff_a250_firmware
-
netappaff_500f_firmware
-
oraclehttp_server
12.2.1.2.0
oraclehttp_server
12.2.1.3.0
oraclehttp_server
12.2.1.4.0
oraclezfs_storage_appliance_kit
8.8
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
SiemensSIMATIC S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIPLUS S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
Debian logo
Debian Releases
Debian Product
Codename
openssh
bookworm
1:9.2p1-2+deb12u3
fixed
bookworm (security)
1:9.2p1-2+deb12u3
fixed
bullseye
1:8.4p1-5+deb11u3
fixed
bullseye (security)
1:8.4p1-5+deb11u3
fixed
sid
1:9.9p1-3
fixed
stretch
no-dsa
trixie
1:9.9p1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openssh
bionic
needed
focal
Fixed 1:8.2p1-4ubuntu0.11
released
hirsute
ignored
impish
ignored
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
needed
xenial
Fixed 1:7.2p2-4ubuntu2.10+esm2
released
openssh-ssh1
bionic
needed
focal
needed
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
dne
xenial
dne
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
openssh
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-askpass
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-cavs
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-clients
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-keycat
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-ldap
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-server
RHEL 7
0:7.4p1-22.el7_9
fixed
RHEL 8
0:8.0p1-13.el8
fixed
openssh-server-sysvinit
RHEL 7
0:7.4p1-22.el7_9
fixed
pam
RHEL 7
0:0.10.3-2.22.el7_9
fixed
RHEL 8
0:0.10.3-7.13.el8
fixed
References
https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.debian.org/security/2023/dsa-5586
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.starwindsoftware.com/security/sw-20220805-0001/
https://www.tenable.com/plugins/nessus/154174
https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.debian.org/security/2023/dsa-5586
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.starwindsoftware.com/security/sw-20220805-0001/
https://www.tenable.com/plugins/nessus/154174
https://cert-portal.siemens.com/productcert/html/ssa-082556.html