Home / Security updates / CVE-2024-6387; a Race Condition was Found in OpenSSH
CVE-2024-6387; a Race Condition was Found in OpenSSH
Security updates detail rendered from /security-updates/upd_dd6ff02ef643dcd2.
Overview
| ID | upd_dd6ff02ef643dcd2 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Delinea |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_dd6ff02ef643dcd2 |
| providerId | safebase |
| organizationId | org_a3ee621a755352d9 |
| trustCenterId | tc_c2a1aa0eb7eda998 |
| title | CVE-2024-6387; a Race Condition was Found in OpenSSH |
| message | 1. Description On July 1, 2024, researchers from Qualys disclosed a vulnerability affecting the OpenSSH server. When exploited this vulnerability can result in unauthenticated Remote Code Execution (RCE) with root privileges. This vulnerability takes advantage of a flaw in a previously patched version of OpenSSH that has now reappeared due to removal of previously patched code. As such, this vulnerability has been given the name of “regreSSHion” and is documented in [CVE-2024-6387](https://www.cve.org/CVERecord?id=CVE-2024-6387). This vulnerability is rated high severity. Based on the information from the researchers at Qualys, the following versions are affected: * OpenSSH versions earlier than 4.4p1 are vulnerable unless they are patched for [CVE-2006-5051](https://www.cve.org/CVERecord?id=CVE-2006-5051) and [CVE-2008-4109](https://www.cve.org/CVERecord?id=CVE-2008-4109); * Versions from 8.5p1 up to, but not including, 9.8p1 due to the suspected accidental removal of previo |
| url | - |
| publishedAt | 2024-07-02 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_a3ee621a755352d9",
"name": "Delinea",
"domains": [
"trust.delinea.com",
"delinea.com"
]
} |
| trust_center | {
"id": "tc_c2a1aa0eb7eda998",
"name": "Delinea",
"url": "https://trust.delinea.com",
"host": "trust.delinea.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_dd6ff02ef643dcd2",
"company": "/v1/companies/org_a3ee621a755352d9",
"trust_center": "/v1/trust-centers/tc_c2a1aa0eb7eda998",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_dd6ff02ef643dcd2JSON