Vulnerability-Lookup

VDE-2024-051

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2024-09-10 10:00 - Updated: 2025-05-14 13:00

Summary

Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH

Severity

High

Notes

Summary: mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.

Impact: Attackers can inject code in the SSH server, which is run with high privileges.

Mitigation: Access to the SSH server should be limited to trustworthy networks or peers. Remote access to the SSH server should be disabled.

Remediation: Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher which fixes this vulnerability.

General Recommendation: For general information and recommendations on security measures refer to the mGuard documentation: https://help.mguard.com/en/documentation

Product Description: mGuards are industrial routers and security appliances

CVE-2024-6387

There is a vulnerability in the OpenSSH server, which is used by the mGuard. If a connected SSH client does not authenticate within 120 seconds, the sshd's SIGALRM handler is called asynchronously. As the handler calls functions, that are not async-signal-safe, a race condition can be exploited for code injection.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Mitigation Access to the SSH server should be limited to trustworthy networks or peers.

Mitigation Remote access to the SSH server should be disabled.

Vendor Fix Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher which fixes this vulnerability.

References

URL

Category

	https://phoenixcontact.com/psirt	external
	https://phoenixcontact.com/psirt	external
	https://certvde.com/de/advisories/vendor/phoenixc…	external
	https://certvde.com/en/advisories/VDE-2024-051	self
	https://phoenixcontact.csaf-tp.certvde.com/.well-…	self

Acknowledgments

CERT@VDE certvde.com

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "high"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Attackers can inject code in the SSH server, which is run with high privileges.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Access to the SSH server should be limited to trustworthy networks or peers.\nRemote access to the SSH server should be disabled.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher which fixes this vulnerability.",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "For general information and recommendations on security measures refer to the mGuard documentation: https://help.mguard.com/en/documentation",
        "title": "General Recommendation"
      },
      {
        "category": "description",
        "text": "mGuards are industrial routers and security appliances",
        "title": "Product Description"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "external",
        "summary": "PCSA-2024/00009: mGuard firmware \u003c8.9.3 / 10.4.1 is vulnerable to an RCE in openSSH (regreSSHion)",
        "url": "https://phoenixcontact.com/psirt"
      },
      {
        "category": "external",
        "summary": "Phoenix Contact PSIRT",
        "url": "https://phoenixcontact.com/psirt"
      },
      {
        "category": "external",
        "summary": "Phoenix Contact advisory overview at CERT@VDE",
        "url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "self",
        "summary": "VDE-2024-051: Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-051"
      },
      {
        "category": "self",
        "summary": "VDE-2024-051: Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-051.json"
      }
    ],
    "title": "Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH",
    "tracking": {
      "aliases": [
        "VDE-2024-051",
        "PCSA-2024/00009"
      ],
      "current_release_date": "2025-05-14T13:00:14.000Z",
      "generator": {
        "date": "2024-08-14T12:15:52.821Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.7"
        }
      },
      "id": "VDE-2024-051",
      "initial_release_date": "2024-09-10T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-09-10T10:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2024-11-06T11:27:01.000Z",
          "number": "2",
          "summary": "Fix: correct certvde domain, added self-reference"
        },
        {
          "date": "2025-04-10T13:00:00.000Z",
          "number": "3",
          "summary": "Fixed CSAF reference URL"
        },
        {
          "date": "2025-05-14T13:00:14.000Z",
          "number": "4",
          "summary": "Fix: added distribution"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "FL MGUARD RS2000 TX/TX VPN",
                "product": {
                  "name": "FL MGUARD RS2000 TX/TX VPN",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700642"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS2005 TX VPN",
                "product": {
                  "name": "FL MGUARD RS2005 TX VPN",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701875"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS2000 3G VPN",
                "product": {
                  "name": "TC MGUARD RS2000 3G VPN",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2903441"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS4000 TX/TX",
                "product": {
                  "name": "FL MGUARD RS4000 TX/TX",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700634"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS4000 TX/TX VPN",
                "product": {
                  "name": "FL MGUARD RS4000 TX/TX VPN",
                  "product_id": "CSAFPID-11005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2200515"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS4004 TX/DTX",
                "product": {
                  "name": "FL MGUARD RS4004 TX/DTX",
                  "product_id": "CSAFPID-11006",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701876"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS4004 TX/DTX VPN",
                "product": {
                  "name": "FL MGUARD RS4004 TX/DTX VPN",
                  "product_id": "CSAFPID-11007",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701877"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS4000 3G VPN",
                "product": {
                  "name": "TC MGUARD RS4000 3G VPN",
                  "product_id": "CSAFPID-11008",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2903440"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS2000 TX/TX-B",
                "product": {
                  "name": "FL MGUARD RS2000 TX/TX-B",
                  "product_id": "CSAFPID-11009",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702139"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS4000 TX/TX-P",
                "product": {
                  "name": "FL MGUARD RS4000 TX/TX-P",
                  "product_id": "CSAFPID-11010",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702259"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD RS4000 TX/TX-M",
                "product": {
                  "name": "FL MGUARD RS4000 TX/TX-M",
                  "product_id": "CSAFPID-11011",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702470"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD PCI4000",
                "product": {
                  "name": "FL MGUARD PCI4000",
                  "product_id": "CSAFPID-11012",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701274"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD PCI4000 VPN",
                "product": {
                  "name": "FL MGUARD PCI4000 VPN",
                  "product_id": "CSAFPID-11013",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701275"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD PCIE4000",
                "product": {
                  "name": "FL MGUARD PCIE4000",
                  "product_id": "CSAFPID-11014",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701277"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD PCIE4000 VPN",
                "product": {
                  "name": "FL MGUARD PCIE4000 VPN",
                  "product_id": "CSAFPID-11015",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2701278"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD DELTA TX/TX",
                "product": {
                  "name": "FL MGUARD DELTA TX/TX",
                  "product_id": "CSAFPID-11016",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700967"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD DELTA TX/TX VPN",
                "product": {
                  "name": "FL MGUARD DELTA TX/TX VPN",
                  "product_id": "CSAFPID-11017",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700968"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD SMART2",
                "product": {
                  "name": "FL MGUARD SMART2",
                  "product_id": "CSAFPID-11018",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700640"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD SMART2 VPN",
                "product": {
                  "name": "FL MGUARD SMART2 VPN",
                  "product_id": "CSAFPID-11019",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700639"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD CORE TX",
                "product": {
                  "name": "FL MGUARD CORE TX",
                  "product_id": "CSAFPID-11020",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702884"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD CORE TX VPN",
                "product": {
                  "name": "FL MGUARD CORE TX VPN",
                  "product_id": "CSAFPID-11021",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702831"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS2000 4G VPN",
                "product": {
                  "name": "TC MGUARD RS2000 4G VPN",
                  "product_id": "CSAFPID-11022",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2903588"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS4000 4G VPN",
                "product": {
                  "name": "TC MGUARD RS4000 4G VPN",
                  "product_id": "CSAFPID-11023",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2903586"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS4000 4G VZW VPN",
                "product": {
                  "name": "TC MGUARD RS4000 4G VZW VPN",
                  "product_id": "CSAFPID-11024",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1010461"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS2000 4G VZW VPN",
                "product": {
                  "name": "TC MGUARD RS2000 4G VZW VPN",
                  "product_id": "CSAFPID-11025",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1010462"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS4000 4G ATT VPN",
                "product": {
                  "name": "TC MGUARD RS4000 4G ATT VPN",
                  "product_id": "CSAFPID-11026",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1010463"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC MGUARD RS2000 4G ATT VPN",
                "product": {
                  "name": "TC MGUARD RS2000 4G ATT VPN",
                  "product_id": "CSAFPID-11027",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1010464"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD GT/GT",
                "product": {
                  "name": "FL MGUARD GT/GT",
                  "product_id": "CSAFPID-11028",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700197"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD GT/GT VPN",
                "product": {
                  "name": "FL MGUARD GT/GT VPN",
                  "product_id": "CSAFPID-11029",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2700198"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD CENTERPORT",
                "product": {
                  "name": "FL MGUARD CENTERPORT",
                  "product_id": "CSAFPID-11030",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702547"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD CENTERPORT VPN-1000",
                "product": {
                  "name": "FL MGUARD CENTERPORT VPN-1000",
                  "product_id": "CSAFPID-11031",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702820"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD 2102",
                "product": {
                  "name": "FL MGUARD 2102",
                  "product_id": "CSAFPID-11032",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1357828"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD 2105",
                "product": {
                  "name": "FL MGUARD 2105",
                  "product_id": "CSAFPID-11033",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1357850"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD 4302",
                "product": {
                  "name": "FL MGUARD 4302",
                  "product_id": "CSAFPID-11034",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1357840"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD 4305",
                "product": {
                  "name": "FL MGUARD 4305",
                  "product_id": "CSAFPID-11035",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1357875"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD 4102 PCIE",
                "product": {
                  "name": "FL MGUARD 4102 PCIE",
                  "product_id": "CSAFPID-11036",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1357842"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD 4102 PCI",
                "product": {
                  "name": "FL MGUARD 4102 PCI",
                  "product_id": "CSAFPID-11037",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1441187"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.9.3",
                "product": {
                  "name": "Firmware \u003c8.9.3",
                  "product_id": "CSAFPID-21892"
                }
              },
              {
                "category": "product_version",
                "name": "8.9.3",
                "product": {
                  "name": "Firmware 8.9.3",
                  "product_id": "CSAFPID-22893"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.4.1",
                "product": {
                  "name": "Firmware \u003c10.4.1",
                  "product_id": "CSAFPID-21040"
                }
              },
              {
                "category": "product_version",
                "name": "10.4.1",
                "product": {
                  "name": "Firmware 10.4.1",
                  "product_id": "CSAFPID-22041"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Phoenix Contact"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025",
          "CSAFPID-31026",
          "CSAFPID-31027",
          "CSAFPID-31028",
          "CSAFPID-31029",
          "CSAFPID-31030",
          "CSAFPID-31031",
          "CSAFPID-31032",
          "CSAFPID-31033",
          "CSAFPID-31034",
          "CSAFPID-31035",
          "CSAFPID-31036",
          "CSAFPID-31037"
        ],
        "summary": "Affected Products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014",
          "CSAFPID-32015",
          "CSAFPID-32016",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021",
          "CSAFPID-32022",
          "CSAFPID-32023",
          "CSAFPID-32024",
          "CSAFPID-32025",
          "CSAFPID-32026",
          "CSAFPID-32027",
          "CSAFPID-32028",
          "CSAFPID-32029",
          "CSAFPID-32030",
          "CSAFPID-32031",
          "CSAFPID-32032",
          "CSAFPID-32033",
          "CSAFPID-32034",
          "CSAFPID-32035",
          "CSAFPID-32036",
          "CSAFPID-32037"
        ],
        "summary": "Fixed Products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS2000 TX/TX VPN",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS2005 TX VPN",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 3G VPN",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX VPN",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4004 TX/DTX",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4004 TX/DTX VPN",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 3G VPN",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS2000 TX/TX-B",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX-P",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX-M",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD PCI4000",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD PCI4000 VPN",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD PCIE4000",
          "product_id": "CSAFPID-31014"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD PCIE4000 VPN",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD DELTA TX/TX",
          "product_id": "CSAFPID-31016"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD DELTA TX/TX VPN",
          "product_id": "CSAFPID-31017"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD SMART2",
          "product_id": "CSAFPID-31018"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD SMART2 VPN",
          "product_id": "CSAFPID-31019"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD CORE TX",
          "product_id": "CSAFPID-31020"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD CORE TX VPN",
          "product_id": "CSAFPID-31021"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11021"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 4G VPN",
          "product_id": "CSAFPID-31022"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11022"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 4G VPN",
          "product_id": "CSAFPID-31023"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11023"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 4G VZW VPN",
          "product_id": "CSAFPID-31024"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11024"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 4G VZW VPN",
          "product_id": "CSAFPID-31025"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11025"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 4G ATT VPN",
          "product_id": "CSAFPID-31026"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11026"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 4G ATT VPN",
          "product_id": "CSAFPID-31027"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11027"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD GT/GT",
          "product_id": "CSAFPID-31028"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11028"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD GT/GT VPN",
          "product_id": "CSAFPID-31029"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11029"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD CENTERPORT",
          "product_id": "CSAFPID-31030"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11030"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c8.9.3 installed on FL MGUARD CENTERPORT VPN-1000",
          "product_id": "CSAFPID-31031"
        },
        "product_reference": "CSAFPID-21892",
        "relates_to_product_reference": "CSAFPID-11031"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c10.4.1 installed on FL MGUARD 2102",
          "product_id": "CSAFPID-31032"
        },
        "product_reference": "CSAFPID-21040",
        "relates_to_product_reference": "CSAFPID-11032"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c10.4.1 installed on FL MGUARD 2105",
          "product_id": "CSAFPID-31033"
        },
        "product_reference": "CSAFPID-21040",
        "relates_to_product_reference": "CSAFPID-11033"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c10.4.1 installed on FL MGUARD 4302",
          "product_id": "CSAFPID-31034"
        },
        "product_reference": "CSAFPID-21040",
        "relates_to_product_reference": "CSAFPID-11034"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c10.4.1 installed on FL MGUARD 4305",
          "product_id": "CSAFPID-31035"
        },
        "product_reference": "CSAFPID-21040",
        "relates_to_product_reference": "CSAFPID-11035"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c10.4.1 installed on FL MGUARD 4102 PCIE",
          "product_id": "CSAFPID-31036"
        },
        "product_reference": "CSAFPID-21040",
        "relates_to_product_reference": "CSAFPID-11036"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c10.4.1 installed on FL MGUARD 4102 PCI",
          "product_id": "CSAFPID-31037"
        },
        "product_reference": "CSAFPID-21040",
        "relates_to_product_reference": "CSAFPID-11037"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS2000 TX/TX VPN",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS2005 TX VPN",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS2000 3G VPN",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX VPN",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS4004 TX/DTX",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS4004 TX/DTX VPN",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS4000 3G VPN",
          "product_id": "CSAFPID-32008"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS2000 TX/TX-B",
          "product_id": "CSAFPID-32009"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX-P",
          "product_id": "CSAFPID-32010"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX-M",
          "product_id": "CSAFPID-32011"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD PCI4000",
          "product_id": "CSAFPID-32012"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD PCI4000 VPN",
          "product_id": "CSAFPID-32013"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD PCIE4000",
          "product_id": "CSAFPID-32014"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD PCIE4000 VPN",
          "product_id": "CSAFPID-32015"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD DELTA TX/TX",
          "product_id": "CSAFPID-32016"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD DELTA TX/TX VPN",
          "product_id": "CSAFPID-32017"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD SMART2",
          "product_id": "CSAFPID-32018"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD SMART2 VPN",
          "product_id": "CSAFPID-32019"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD CORE TX",
          "product_id": "CSAFPID-32020"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD CORE TX VPN",
          "product_id": "CSAFPID-32021"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11021"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS2000 4G VPN",
          "product_id": "CSAFPID-32022"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11022"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS4000 4G VPN",
          "product_id": "CSAFPID-32023"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11023"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS4000 4G VZW VPN",
          "product_id": "CSAFPID-32024"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11024"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS2000 4G VZW VPN",
          "product_id": "CSAFPID-32025"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11025"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS4000 4G ATT VPN",
          "product_id": "CSAFPID-32026"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11026"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on TC MGUARD RS2000 4G ATT VPN",
          "product_id": "CSAFPID-32027"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11027"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD GT/GT",
          "product_id": "CSAFPID-32028"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11028"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD GT/GT VPN",
          "product_id": "CSAFPID-32029"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11029"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD CENTERPORT",
          "product_id": "CSAFPID-32030"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11030"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 8.9.3 installed on FL MGUARD CENTERPORT VPN-1000",
          "product_id": "CSAFPID-32031"
        },
        "product_reference": "CSAFPID-22893",
        "relates_to_product_reference": "CSAFPID-11031"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 10.4.1 installed on FL MGUARD 2102",
          "product_id": "CSAFPID-32032"
        },
        "product_reference": "CSAFPID-22041",
        "relates_to_product_reference": "CSAFPID-11032"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 10.4.1 installed on FL MGUARD 2105",
          "product_id": "CSAFPID-32033"
        },
        "product_reference": "CSAFPID-22041",
        "relates_to_product_reference": "CSAFPID-11033"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 10.4.1 installed on FL MGUARD 4302",
          "product_id": "CSAFPID-32034"
        },
        "product_reference": "CSAFPID-22041",
        "relates_to_product_reference": "CSAFPID-11034"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 10.4.1 installed on FL MGUARD 4305",
          "product_id": "CSAFPID-32035"
        },
        "product_reference": "CSAFPID-22041",
        "relates_to_product_reference": "CSAFPID-11035"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 10.4.1 installed on FL MGUARD 4102 PCIE",
          "product_id": "CSAFPID-32036"
        },
        "product_reference": "CSAFPID-22041",
        "relates_to_product_reference": "CSAFPID-11036"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 10.4.1 installed on FL MGUARD 4102 PCI",
          "product_id": "CSAFPID-32037"
        },
        "product_reference": "CSAFPID-22041",
        "relates_to_product_reference": "CSAFPID-11037"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6387",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "There is a vulnerability in the OpenSSH server, which is used by the mGuard. If a connected SSH client does not authenticate within 120 seconds, the sshd\u0027s SIGALRM handler is called asynchronously. As the handler calls functions, that are not async-signal-safe, a race condition can be exploited for code injection.",
          "title": "Vulnerability Description"
        },
        {
          "audience": "operational management and system administrators",
          "category": "details",
          "text": "Remote attackers without any authentication can inject code, which is run with high privileges.",
          "title": "Vulnerability Impact"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014",
          "CSAFPID-32015",
          "CSAFPID-32016",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021",
          "CSAFPID-32022",
          "CSAFPID-32023",
          "CSAFPID-32024",
          "CSAFPID-32025",
          "CSAFPID-32026",
          "CSAFPID-32027",
          "CSAFPID-32028",
          "CSAFPID-32029",
          "CSAFPID-32030",
          "CSAFPID-32031",
          "CSAFPID-32032",
          "CSAFPID-32033",
          "CSAFPID-32034",
          "CSAFPID-32035",
          "CSAFPID-32036",
          "CSAFPID-32037"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025",
          "CSAFPID-31026",
          "CSAFPID-31027",
          "CSAFPID-31028",
          "CSAFPID-31029",
          "CSAFPID-31030",
          "CSAFPID-31031",
          "CSAFPID-31032",
          "CSAFPID-31033",
          "CSAFPID-31034",
          "CSAFPID-31035",
          "CSAFPID-31036",
          "CSAFPID-31037"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Access to the SSH server should be limited to trustworthy networks or peers.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Remote access to the SSH server should be disabled.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher which fixes this vulnerability.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025",
            "CSAFPID-31026",
            "CSAFPID-31027",
            "CSAFPID-31028",
            "CSAFPID-31029",
            "CSAFPID-31030",
            "CSAFPID-31031",
            "CSAFPID-31032",
            "CSAFPID-31033",
            "CSAFPID-31034",
            "CSAFPID-31035",
            "CSAFPID-31036",
            "CSAFPID-31037"
          ]
        }
      ],
      "title": "CVE-2024-6387"
    }
  ]
}

CVE-2024-6387 (GCVE-0-2024-6387)

Vulnerability from cvelistv5 – Published: 2024-07-01 12:37 – Updated: 2025-12-11 06:17

Title

Openssh: regresshion - race condition in ssh allows rce/dos

Summary

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-364 - Signal Handler Race Condition

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:4312	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4340	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4389	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4469	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4474	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4479	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4484	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-6387	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2294604	issue-trackingx_refsource_REDHAT
	https://santandersecurityresearch.github.io/blog/…
	https://www.openssh.com/txt/release-9.8
	https://www.qualys.com/2024/07/01/cve-2024-6387/r…

Impacted products

Vendor

Product

Version

Affected: 8.5p1 , ≤ 9.7p1 (custom)

Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-38.el9_4.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:8.7p1-38.el9_4.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:8.7p1-12.el9_0.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:8.7p1-30.el9_2.4 , < * (rpm) cpe:/o:redhat:rhel_eus:9.2::baseos cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 413.92.202407091321-0 , < * (rpm) cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 414.92.202407091253-0 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 415.92.202407091355-0 , < * (rpm) cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: 416.94.202407081958-0 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat Ceph Storage 5	cpe:/a:redhat:ceph_storage:5
Red Hat	Red Hat Ceph Storage 6	cpe:/a:redhat:ceph_storage:6
Red Hat	Red Hat Ceph Storage 7	cpe:/a:redhat:ceph_storage:7
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Date Public ?

2024-07-01 08:00

Credits

Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6387",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-02T13:18:34.695298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T13:18:46.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-24T18:35:27.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
          },
          {
            "url": "https://www.exploit-db.com/exploits/52269"
          },
          {
            "url": "https://packetstorm.news/files/id/190587/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
          },
          {
            "name": "RHSA-2024:4312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4312"
          },
          {
            "name": "RHSA-2024:4340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4340"
          },
          {
            "name": "RHSA-2024:4389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4389"
          },
          {
            "name": "RHSA-2024:4469",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4469"
          },
          {
            "name": "RHSA-2024:4474",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4474"
          },
          {
            "name": "RHSA-2024:4479",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4479"
          },
          {
            "name": "RHSA-2024:4484",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4484"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
          },
          {
            "name": "RHBZ#2294604",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/AlmaLinux/updates/issues/629"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Azure/AKS/issues/4379"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/azurelinux/issues/9555"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/oracle/oracle-linux/issues/149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rapier1/hpn-ssh/issues/87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/zgzhang/cve-2024-6387-poc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=40843778"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6859-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214119"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214118"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214120"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.7p1",
              "status": "affected",
              "version": "8.5p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-12.el9_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-30.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202407091321-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202407091253-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202407091355-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202407081958-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-01T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-11T06:17:03.387Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4312"
        },
        {
          "name": "RHSA-2024:4340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4340"
        },
        {
          "name": "RHSA-2024:4389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4389"
        },
        {
          "name": "RHSA-2024:4469",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4469"
        },
        {
          "name": "RHSA-2024:4474",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4474"
        },
        {
          "name": "RHSA-2024:4479",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4479"
        },
        {
          "name": "RHSA-2024:4484",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4484"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
        },
        {
          "name": "RHBZ#2294604",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
        },
        {
          "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
        },
        {
          "url": "https://www.openssh.com/txt/release-9.8"
        },
        {
          "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-27T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-01T08:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Openssh: regresshion - race condition in ssh allows rce/dos",
      "workarounds": [
        {
          "lang": "en",
          "value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6387",
    "datePublished": "2024-07-01T12:37:25.431Z",
    "dateReserved": "2024-06-27T13:41:03.421Z",
    "dateUpdated": "2025-12-11T06:17:03.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

VDE-2024-051

CVE-2024-6387 (GCVE-0-2024-6387)

Tags

Sightings

Nomenclature