CVE-2023-6004
Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname
CVSS Score
4.8
EPSS Score
0.0%
EPSS Percentile
0th
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.
| CWE | CWE-74 |
| Vendor | red hat |
| Product | red hat enterprise linux 8 |
| Published | Jan 3, 2024 |
| Last Updated | Nov 7, 2025 |
Stay Ahead of the Next One
Get instant alerts for red hat red hat enterprise linux 8
Be the first to know when new medium vulnerabilities affecting red hat red hat enterprise linux 8 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Affected Versions
Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected References
access.redhat.com: https://access.redhat.com/errata/RHSA-2024:2504 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:3233 access.redhat.com: https://access.redhat.com/security/cve/CVE-2023-6004 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2251110 libssh.org: https://www.libssh.org/security/advisories/CVE-2023-6004.txt lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ security.netapp.com: https://security.netapp.com/advisory/ntap-20240223-0004/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
Credits
Red Hat would like to thank Norbert Pocs (libssh) and [email protected] for reporting this issue.