Search for vulnerabilities
Vulnerability details: VCID-vmse-e61a-aaaa
Vulnerability ID VCID-vmse-e61a-aaaa
Aliases CVE-2013-4548
Summary The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00385 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00385 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00385 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00385 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00385 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00385 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01004 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
epss 0.01405 https://api.first.org/data/v1/epss?cve=CVE-2013-4548
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1028418
cvssv2 6.0 https://nvd.nist.gov/vuln/detail/CVE-2013-4548
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00017.html
http://marc.info/?l=bugtraq&m=141576985122836&w=2
http://openwall.com/lists/oss-security/2013/11/08/3
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4548.json
https://api.first.org/data/v1/epss?cve=CVE-2013-4548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548
http://www.openssh.com/txt/gcmrekey.adv
http://www.ubuntu.com/usn/USN-2014-1
1028418 https://bugzilla.redhat.com/show_bug.cgi?id=1028418
729029 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729029
cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*
CVE-2013-4548 https://nvd.nist.gov/vuln/detail/CVE-2013-4548
USN-2014-1 https://usn.ubuntu.com/2014-1/
No exploits are available.
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-4548
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.49557
EPSS Score 0.00291
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.