Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2021-1734)
Information
Severity
Severity
Medium
Family
Family
Huawei EulerOS Local Security Checks
CVSSv2 Base
CVSSv2 Base
6.5
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:S/C:P/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
2 years ago
Modified
Modified
2 years ago
Summary
The remote host is missing an update for the Huawei EulerOS 'python-paramiko' package(s) announced via the EulerOS-SA-2021-1734 advisory.
Insight
Insight
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.(CVE-2018-1000805)
Affected Software
Affected Software
'python-paramiko' package(s) on Huawei EulerOS Virtualization release 2.9.1.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).