Vulnerability Description
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId().
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eternal Terminal Project | Eternal Terminal | < 6.2.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2023/02/16/1
- https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac848PatchThird Party Advisory
- https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gExploitThird Party Advisory
- http://www.openwall.com/lists/oss-security/2023/02/16/1
- https://github.com/MisterTea/EternalTerminal/commit/900348bb8bc96e1c7ba4888ac848PatchThird Party Advisory
- https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-85gExploitThird Party Advisory
FAQ
What is CVE-2022-24950?
CVE-2022-24950 is a vulnerability with a CVSS score of 7.5 (HIGH). A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other system...
How severe is CVE-2022-24950?
CVE-2022-24950 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-24950?
Check the references section above for vendor advisories and patch information. Affected products include: Eternal Terminal Project Eternal Terminal.