Vulnerability details: VCID-3zb9-hjrw-sbez
Vulnerability ID VCID-3zb9-hjrw-sbez
Aliases CVE-2023-51385
Summary In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json
https://api.first.org/data/v1/epss?cve=CVE-2023-51385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
http://seclists.org/fulldisclosure/2024/Mar/21
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
https://security.gentoo.org/glsa/202312-17
https://security.netapp.com/advisory/ntap-20240105-0005/
https://support.apple.com/kb/HT214084
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
https://www.debian.org/security/2023/dsa-5586
https://www.openssh.com/txt/release-9.6
https://www.openwall.com/lists/oss-security/2023/12/18/2
http://www.openwall.com/lists/oss-security/2023/12/26/4
2255271 https://bugzilla.redhat.com/show_bug.cgi?id=2255271
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
CVE-2023-51385 https://nvd.nist.gov/vuln/detail/CVE-2023-51385
RHSA-2024:0429 https://access.redhat.com/errata/RHSA-2024:0429
RHSA-2024:0455 https://access.redhat.com/errata/RHSA-2024:0455
RHSA-2024:0594 https://access.redhat.com/errata/RHSA-2024:0594
RHSA-2024:0606 https://access.redhat.com/errata/RHSA-2024:0606
RHSA-2024:1130 https://access.redhat.com/errata/RHSA-2024:1130
RHSA-2024:1383 https://access.redhat.com/errata/RHSA-2024:1383
USN-6560-2 https://usn.ubuntu.com/6560-2/
USN-6560-3 https://usn.ubuntu.com/6560-3/
USN-6565-1 https://usn.ubuntu.com/6565-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json
Attack Vector (AV): network
Attack Complexity (AC): low
Privileges Required (PR): none
User Interaction (UI): none
Scope (S): unchanged
Confidentiality Impact (C): low
Integrity Impact (I): low
Availability Impact (A): none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-51385

Exploit Prediction Scoring System (EPSS)
Percentile 0.92511
EPSS Score 0.09522
Published At Aug. 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:35:16.441636+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/6565-1/ 37.0.0