{"id":"CVE-2018-7750","details":"transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.","aliases":["GHSA-232r-66cg-79px","PYSEC-2018-19"],"modified":"2026-04-16T06:20:03.658272655Z","published":"2018-03-13T18:29:00.303Z","related":["SUSE-FU-2022:0444-1","SUSE-FU-2022:0445-1","SUSE-SU-2018:0844-1","SUSE-SU-2018:0873-1","SUSE-SU-2018:1850-1","SUSE-SU-2018:1971-1","SUSE-SU-2018:2777-1","openSUSE-SU-2024:11249-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1125"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1213"},{"type":"ADVISORY","url":"https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3603-1/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1124"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1525"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/103713"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0591"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0646"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1328"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3603-2/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1274"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1972"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00025.html"},{"type":"REPORT","url":"https://github.com/paramiko/paramiko/issues/1175"},{"type":"FIX","url":"https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/45712/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/paramiko/paramiko","events":[{"introduced":"0"},{"fixed":"ac3f78648d2f48c3a99bbf0295245954a34ab46d"},{"introduced":"6dd47a677e0e919c4c10c3fed3a4173e9c49199c"},{"fixed":"3a50a3eb09168343af2d06ff7f269d2493af4e0b"},{"introduced":"f43d125c9156e84b50718a6bdad3a92d9ae9d14b"},{"fixed":"30452567c69096ad4aabd159ed3f3ad1ef83ab47"},{"introduced":"e0692f411287a814425d6835278b1c0caa91c82e"},{"fixed":"e62f35a71bcc90447f3eee6f5b48f174a7bfb83e"},{"introduced":"353e628d34d2ffab6bfb447ecd7bb44df6ad86ac"},{"fixed":"04f0d9fc74f6219d2932252b6ba7d835bb4914ef"},{"introduced":"975bcf1e19b1efc5a84ef2eb639939e516f7f633"},{"fixed":"c07b6e6b8b94fe8a946a8120c1d1b4039c1fe4f0"},{"introduced":"0"},{"last_affected":"a97e977d6970b33e619601f502776eb19e691d90"},{"introduced":"0"},{"last_affected":"f43d125c9156e84b50718a6bdad3a92d9ae9d14b"},{"introduced":"0"},{"last_affected":"a97e977d6970b33e619601f502776eb19e691d90"},{"fixed":"fa29bd8446c8eab237f5187d28787727b4610516"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.17.6"},{"introduced":"1.18.0"},{"fixed":"1.18.5"},{"introduced":"2.0.0"},{"fixed":"2.0.8"},{"introduced":"2.1.0"},{"fixed":"2.1.5"},{"introduced":"2.2.0"},{"fixed":"2.2.3"},{"introduced":"2.3.0"},{"fixed":"2.3.2"},{"introduced":"0"},{"last_affected":"2.4.0"},{"introduced":"0"},{"last_affected":"2.0"},{"introduced":"0"},{"last_affected":"2.4"}]}}],"versions":["1.16.1","1.16.2","1.16.3","1.17.3","1.17.4","1.17.5","1.18.0","1.18.1","1.18.2","1.18.3","1.18.4","1.7.7.1","1.7.7.2","1.8.0","2.0.0","2.0.1","2.0.2","2.0.3","2.0.4","2.0.5","2.0.7","2.1.0","2.1.1","2.1.2","2.1.3","2.1.4","2.2.0","2.2.1","2.3.0","2.3.1","2.4.0","initial-merge-from-ssh-done","release-1.7.4","release-1.7.5","release-1.7.6","v1.16.1","v1.16.2","v1.16.3","v1.17.3","v1.18.0","v1.18.1","v1.7.7.1","v1.7.7.2","v1.8.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.5"}]},{"events":[{"introduced":"0"},{"last_affected":"4.6"}]},{"events":[{"introduced":"0"},{"last_affected":"4.1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4"}]},{"events":[{"introduced":"0"},{"last_affected":"6.5"}]},{"events":[{"introduced":"0"},{"last_affected":"6.6"}]},{"events":[{"introduced":"0"},{"last_affected":"6.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.6"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7750.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}