CVE-2023-51767

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Dec 24, 2023
Updated: Feb 27, 2024

Summary

CVE-2023-51767 is a vulnerability affecting OpenSSH through version 9.6. It can be exploited through row hammer attacks, allowing for authentication bypass. This vulnerability specifically applies to a threat model where the attacker and victim are co-located and the attacker has user privileges. The affected products include ngJeQs, ngJeQt, ngJeQu, and many others. To remediate this vulnerability, users should update their OpenSSH installations to a version higher than 9.6. The potential danger posed by this vulnerability is high, with a base severity rating of HIGH and impacts on integrity and confidentiality being rated as HIGH as well according to nvd@nist.gov.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-51767 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options