What is CVE-2023-38408?

CVE-2023-38408 is a vulnerability in OpenSSH that allows for remote code execution if an agent is forwarded to an attacker-controlled system.

What is the severity of CVE-2023-38408?

CVE-2023-38408 has a severity rating of 9.8, which is considered critical.

How does CVE-2023-38408 affect OpenSSH versions?

CVE-2023-38408 affects OpenSSH versions before 9.3p2.

How can I fix CVE-2023-38408?

To fix CVE-2023-38408, update OpenSSH to version 9.3p2 or later.

Where can I find more information about CVE-2023-38408?

You can find more information about CVE-2023-38408 in the references provided: [link1](https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8), [link2](https://www.openssh.com/txt/release-9.3p2), [link3](https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt)

Vulnerability/
CVE-2023-38408

critical

9.8

CWE

428

19/7/2023

20/7/2023

24/4/2024

CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

First published: Wed Jul 19 2023(Updated: )

OpenSSH. This issue was addressed by updating OpenSSH to 9.3p2

Credit: baba yaga an anonymous researcher cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Openbsd Openssh	<9.3
Openbsd Openssh	=9.3
Openbsd Openssh	=9.3-p1
Fedoraproject Fedora	=37
Fedoraproject Fedora	=38
IBM QRadar SIEM	<=7.5.0 - 7.5.0 UP6
ubuntu/openssh	<9.3	9.3
ubuntu/openssh	<1:8.2	1:8.2
ubuntu/openssh	<1:8.9	1:8.9
ubuntu/openssh	<1:9.0	1:9.0
ubuntu/openssh	<1:7.6	1:7.6
ubuntu/openssh	<1:6.6	1:6.6
ubuntu/openssh	<1:7.2	1:7.2
ubuntu/openssh	<1:9.3	1:9.3
Apple macOS Sonoma	<14	14
debian/openssh	<=1:7.9p1-10+deb10u2	1:7.9p1-10+deb10u4 1:8.4p1-5+deb11u3 1:9.2p1-2+deb12u2 1:9.6p1-4 1:9.6p1-5

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2023-40384
CVE-2023-32377
CVE-2023-38615
CVE-2023-42929
CVE-2023-40448
CVE-2023-42872
CVE-2023-40432
CVE-2023-42871
CVE-2023-40399
CVE-2023-40410
CVE-2023-38612
CVE-2023-32361
CVE-2023-35984
CVE-2023-40402
CVE-2023-40426
CVE-2023-42876
CVE-2023-41065
CVE-2023-29497
CVE-2023-38596
CVE-2023-40406
CVE-2023-40420
CVE-2023-40528
CVE-2023-40438
CVE-2023-41994
CVE-2023-40407
CVE-2023-32396
CVE-2023-42933
CVE-2023-41980
CVE-2023-40411
CVE-2023-40395
CVE-2023-40391
CVE-2023-40441
CVE-2023-23495
CVE-2023-40434
CVE-2023-38586
CVE-2023-40436
CVE-2023-41995
CVE-2023-42870
CVE-2023-41981
CVE-2023-41984
CVE-2023-40429
CVE-2023-41060
CVE-2023-41067
CVE-2023-40400
CVE-2023-40454
CVE-2023-41073
CVE-2023-40403
CVE-2023-40427
CVE-2023-32421
CVE-2023-42826
CVE-2023-41986
CVE-2023-40455
CVE-2023-40386
CVE-2023-38408
CVE-2023-40401
CVE-2023-40393
CVE-2023-42934
CVE-2023-37448
CVE-2023-38607
CVE-2023-41987
CVE-2023-41063
CVE-2023-40422
CVE-2023-39233
CVE-2023-40388
CVE-2023-35990
CVE-2023-40417
CVE-2023-40452
CVE-2023-40430
CVE-2023-41996
CVE-2023-41078
CVE-2023-41070
CVE-2023-40541
CVE-2023-41079
CVE-2023-40443
CVE-2023-41968
CVE-2023-40450
CVE-2023-40424
CVE-2023-39434
CVE-2023-40414
CVE-2023-41074
CVE-2023-35074
CVE-2023-41993
CVE-2023-32359
CVE-2023-40385
CVE-2023-42833
CVE-2023-38610
CVE-2023-41066
CVE-2023-41979

Frequently Asked Questions

What is CVE-2023-38408?
CVE-2023-38408 is a vulnerability in OpenSSH that allows for remote code execution if an agent is forwarded to an attacker-controlled system.
What is the severity of CVE-2023-38408?
CVE-2023-38408 has a severity rating of 9.8, which is considered critical.
How does CVE-2023-38408 affect OpenSSH versions?
CVE-2023-38408 affects OpenSSH versions before 9.3p2.
How can I fix CVE-2023-38408?
To fix CVE-2023-38408, update OpenSSH to version 9.3p2 or later.
Where can I find more information about CVE-2023-38408?
You can find more information about CVE-2023-38408 in the references provided: [link1](https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8), [link2](https://www.openssh.com/txt/release-9.3p2), [link3](https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt)

collector/oss-sec
alias/CVE-2023-38408
collector/nvd-latest
collector/nvd-index
collector/ibm-support
agent/type
agent/remedy
collector/launchpad-cve
source/Launchpad
collector/redhat-bugzilla
source/Red Hat
agent/first-publish-date
agent/severity
agent/author
agent/title
agent/weakness
agent/description
collector/usn-cve
source/Ubuntu
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/tags
agent/event
agent/references
collector/apple-support
source/Apple
agent/last-modified-date
collector/nvd-api
agent/software-canonical-lookup-request
vendor/openbsd
canonical/openbsd openssh
version/openbsd openssh/9.3
version/openbsd openssh/9.3-p1
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/37
version/fedoraproject fedora/38
vendor/ibm
canonical/ibm qradar siem
version/ibm qradar siem/7.5.0 - 7.5.0 up6
package-manager/ubuntu
package-manager/debian
vendor/apple
canonical/apple macos sonoma

CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Peer vulnerabilities

Frequently Asked Questions

What is CVE-2023-38408?

What is the severity of CVE-2023-38408?

How does CVE-2023-38408 affect OpenSSH versions?

How can I fix CVE-2023-38408?

Where can I find more information about CVE-2023-38408?

Company

Resources

Contact