CVE-2023-48795:

Overview

Severity

Medium (CVSS 5.9)

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploit Status

Not Exploited

Patch Tuesday

2024-Nov

Released

2024-08-16

Last Updated

2024-11-09

EPSS Score

56.73% (percentile: 98.1%)

Detection & Weaponization (2 sources)

Maturity: Exploit

• Nuclei templates: OpenSSH Terrapin Attack - Detection
• GitHub PoC: 3 repositories

Affected Products (4)

Mariner

• CBL Mariner 2.0 x64
• CBL Mariner 2.0 ARM
• Azure Linux 3.0 x64
• Azure Linux 3.0 ARM

Revision History

• 2024-08-16: Information published.
• 2023-12-25: Information published.
• 2024-06-30: Information published.
• 2024-08-25: Information published.
• 2024-08-26: Information published.
• 2024-08-27: Information published.
• 2024-08-28: Information published.
• 2024-08-29: Information published.
• 2024-08-30: Information published.
• 2024-08-31: Information published.
• 2024-09-01: Information published.
• 2024-09-02: Information published.
• 2024-09-03: Information published.
• 2024-09-05: Information published.
• 2024-09-06: Information published.
• 2024-09-07: Information published.
• 2024-09-08: Information published.
• 2024-09-11: Information published.
• 2023-12-27: Added moby-cli to CBL-Mariner 2.0
• 2024-11-09: Added kubevirt to Azure Linux 3.0 Added cert-manager to Azure Linux 3.0 Added packer to Azure Linux 3.0 Added kubernetes to Azure Linux 3.0 Added docker-buildx to Azure Linux 3.0 Added telegraf to Azure Linux 3.0 Added moby-compose to CBL-Mariner 2.0 Added packer to CBL-Mariner 2.0 Added kubernetes to CBL-Mariner 2.0 Added telegraf to CBL-Mariner 2.0 Added cert-manager to CBL-Mariner 2.0 Added erlang to CBL-Mariner 2.0 Added libssh2 to CBL-Mariner 2.0 Added moby-cli to CBL-Mariner 2.0 Added openssh to CBL-Mariner 2.0 Added libssh to CBL-Mariner 2.0