Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-46446

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Nov, 2023 | 00:00
Updated At-25 Feb, 2026 | 17:20
Rejected At-
Credits

An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Nov, 2023 | 00:00
Updated At:25 Feb, 2026 | 17:20
Rejected At:
▼CVE Numbering Authority (CNA)

An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
vendor-advisory
https://www.terrapin-attack.com
N/A
https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
N/A
https://github.com/advisories/GHSA-c35q-ffpf-5qpm
N/A
http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
N/A
https://security.netapp.com/advisory/ntap-20231222-0001/
N/A
Hyperlink: https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
Resource:
vendor-advisory
Hyperlink: https://www.terrapin-attack.com
Resource: N/A
Hyperlink: https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
Resource: N/A
Hyperlink: https://github.com/advisories/GHSA-c35q-ffpf-5qpm
Resource: N/A
Hyperlink: http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20231222-0001/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
vendor-advisory
x_transferred
https://www.terrapin-attack.com
x_transferred
https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
x_transferred
https://github.com/advisories/GHSA-c35q-ffpf-5qpm
x_transferred
http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
x_transferred
https://security.netapp.com/advisory/ntap-20231222-0001/
x_transferred
https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
N/A
Hyperlink: https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
Resource:
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
Resource:
vendor-advisory
x_transferred
Hyperlink: https://www.terrapin-attack.com
Resource:
x_transferred
Hyperlink: https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
Resource:
x_transferred
Hyperlink: https://github.com/advisories/GHSA-c35q-ffpf-5qpm
Resource:
x_transferred
Hyperlink: http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20231222-0001/
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-639CWE-639 Authorization Bypass Through User-Controlled Key
Type: CWE
CWE ID: CWE-639
Description: CWE-639 Authorization Bypass Through User-Controlled Key
Metrics
VersionBase scoreBase severityVector
3.16.8MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:14 Nov, 2023 | 03:15
Updated At:25 Feb, 2026 | 18:18

An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.8MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Secondary3.16.8MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Type: Primary
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CPE Matches
asyncssh_project
asyncssh_project
>>asyncssh>>Versions before 2.14.1(exclusive)
cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-639Primarynvd@nist.gov
CWE-639Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-639
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-639
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.htmlcve@mitre.org
N/A
https://github.com/advisories/GHSA-c35q-ffpf-5qpmcve@mitre.org
N/A
https://github.com/ronf/asyncssh/blob/develop/docs/changes.rstcve@mitre.org
N/A
https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpmcve@mitre.org
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/cve@mitre.org
N/A
https://security.netapp.com/advisory/ntap-20231222-0001/cve@mitre.org
N/A
https://www.terrapin-attack.comcve@mitre.org
N/A
http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/advisories/GHSA-c35q-ffpf-5qpmaf854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/ronf/asyncssh/blob/develop/docs/changes.rstaf854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpmaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/09/msg00042.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/af854a3a-2127-422b-91ae-364da2661108
N/A
https://security.netapp.com/advisory/ntap-20231222-0001/af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.terrapin-attack.comaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/advisories/GHSA-c35q-ffpf-5qpm
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20231222-0001/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.terrapin-attack.com
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/advisories/GHSA-c35q-ffpf-5qpm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/ronf/asyncssh/security/advisories/GHSA-c35q-ffpf-5qpm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20231222-0001/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.terrapin-attack.com
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

5Records found
CVE-2025-36365
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 2.92%
||
7 Day CHG~0.00%
Published-30 Jan, 2026 | 21:27
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 Privilege Escalation

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a user-controlled key.

Action-Not Available
Vendor-IBM Corporation
Product-db2Db2 for Linux, UNIX and Windows
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-42291
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 7.41%
||
7 Day CHG~0.00%
Published-08 May, 2026 | 21:57
Updated-11 May, 2026 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SysReptor: Read-write access to personal notes by sharing-link creation with no authorization in SysReptor Professional

SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links for personal notes is not properly authorized. This allows authenticated attackers who obtain the note ID of victim users to list and create sharing links to those users' personal notes. This gives attackers read and write access to notes of other users. This exploit works in both SysReptor Professional and Community. In Community it has, however, no impact because all users have superuser permissions and can list personal notes of other users at /admin/pentests/usernotebookpage/. This issue has been patched in version 2026.27.

Action-Not Available
Vendor-Syslifters
Product-sysreptor
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-4630
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-Not Assigned
Published-19 May, 2026 | 10:28
Updated-19 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak: keycloak: unauthorized resource access and data modification via insecure direct object reference

A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference (IDOR) vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier (UUID) belonging to another Resource Server within the same realm, the client could bypass authorization checks. This allows the client to perform unauthorized GET, PUT, and DELETE operations on resources, leading to information disclosure and potential unauthorized modification or deletion of data.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Build of Keycloak
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2025-12351
Matching Score-4
Assigner-Honeywell International Inc.
ShareView Details
Matching Score-4
Assigner-Honeywell International Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 8.30%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 15:03
Updated-30 Oct, 2025 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Inadequate access control measure allows unauthorized users to access restricted administrative functions

Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of this product, service or offering (S35 Pinhole/Kit Camera to version 2025.08.28, S35 AI Fisheye & Dual Sensor/Micro Dome/Full Color Eyeball & Bullet Camera to version 2025.08.22, S35 Thermal Camera to version 2025.08.26).

Action-Not Available
Vendor-Honeywell International Inc.
Product-S35 3M/5M/8M/Pinhole/Kit CameraS35 Thermal CameraS35 AI Fisheye&Dual Sensor/Micro Dome/Full Color Eyeball&Bullet Camera
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2024-3035
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.04% / 13.51%
||
7 Day CHG~0.00%
Published-08 Aug, 2024 | 10:31
Updated-17 Sep, 2024 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authorization Bypass Through User-Controlled Key in GitLab

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
Details not found