4.3

CVE-2025-32728

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version >= 7.4 < 10.0
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.056
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.8 2 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
cve@mitre.org 4.3 2.5 1.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CWE-440 Expected Behavior Violation

A feature, API, or function does not perform according to its specification.

https://www.openssh.com/txt/release-7.4
Release Notes
https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html
Mailing List
Product
Release Notes
https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig
Product
https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367
Patch
https://www.openssh.com/txt/release-10.0
Release Notes
https://security.netapp.com/advisory/ntap-20250425-0002/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/05/msg00008.html
Third Party Advisory
Mailing List