It was found that when acting as an SSH server, paramiko did not properly check whether authentication is completed before processing other requests. A customized SSH client could use this to bypass authentication when accessing any resources controlled by paramiko.
Find out more about CVE-2018-7750 from the MITRE CVE dictionary dictionary and NIST NVD.
This flaw is a user authentication bypass in the SSH Server functionality of paramiko (normally used by subclassing paramiko.ServerInterface). Where paramiko is used only for its client-side functionality (e.g. paramiko.SSHClient), the vulnerability is not exposed and thus cannot be exploited.
The following Red Hat products use paramiko only in client-side mode. Server side functionality is not used.
| CVSS3 Base Score | 9.8 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity Impact | High |
| Availability Impact | High |
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux Advanced Update Support 6.4 (python-paramiko) | RHSA-2018:1125 | 2018-04-12 |
| Red Hat Enterprise Linux Extended Update Support 6.7 (python-paramiko) | RHSA-2018:1125 | 2018-04-12 |
| Red Hat Enterprise Linux 7 Extras (python-paramiko) | RHSA-2018:0591 | 2018-03-26 |
| Red Hat Enterprise Linux Server TUS (v. 6.6) (python-paramiko) | RHSA-2018:1125 | 2018-04-12 |
| CloudForms Management Engine 5.8 | RHSA-2018:1972 | 2018-06-25 |
| Red Hat Ansible Engine 2.4 for RHEL 7 Server (python-paramiko) | RHSA-2018:1213 | 2018-04-24 |
| Red Hat Enterprise Linux Advanced Update Support 6.6 (python-paramiko) | RHSA-2018:1125 | 2018-04-12 |
| Red Hat Enterprise Linux 6 (python-paramiko) | RHSA-2018:1124 | 2018-04-12 |
| Red Hat Ansible Engine 2 for RHEL 7 (python-paramiko) | RHSA-2018:0646 | 2018-04-05 |
| Red Hat Virtualization 4 (python-paramiko) | RHSA-2018:1274 | 2018-05-02 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) | RHSA-2018:1525 | 2018-05-15 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (python-paramiko) | RHSA-2018:1274 | 2018-05-02 |
| Red Hat Enterprise Linux Advanced Update Support 6.5 (python-paramiko) | RHSA-2018:1125 | 2018-04-12 |
| CloudForms Management Engine 5.9 | RHSA-2018:1328 | 2018-05-07 |
| Platform | Package | State |
|---|---|---|
| Red Hat Storage Console 2 | python-paramiko | Will not fix |
| Red Hat Satellite 6 | python-paramiko | Affected |
| Red Hat OpenStack Platform 9.0 | python-paramiko | Will not fix |
| Red Hat OpenStack Platform 8.0 (Liberty) | python-paramiko | Will not fix |
| Red Hat OpenStack Platform 13.0 (Queens) | python-paramiko | Affected |
| Red Hat OpenStack Platform 12.0 | python-paramiko | Will not fix |
| Red Hat OpenStack Platform 11.0 (Ocata) | python-paramiko | Will not fix |
| Red Hat OpenStack Platform 10 | python-paramiko | Will not fix |
| Red Hat OpenShift Enterprise 3 | python-paramiko | Affected |
| Red Hat Gluster Storage 3 | python-paramiko | Affected |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | python-paramiko | Will not fix |
| Red Hat Ceph Storage 2 | python-paramiko | Affected |
Vulmon