CVE-2022-29245 - OpenCVE

SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client’s private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ssh.net Project	Ssh.net

Configuration 1 [-]

OR	cpe:2.3:a:ssh.net_project:ssh.net:2020.0.0:-::::.net::*
	cpe:2.3:a:ssh.net_project:ssh.net:2020.0.0:beta1::::.net::*
	cpe:2.3:a:ssh.net_project:ssh.net:2020.0.1:::::.net::

References

Link	Resource
https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51	Exploit Third Party Advisory
https://github.com/sshnet/SSH.NET/commit/03c6d60736b8f7b42e44d6989a53f9b644a091fb	Patch Third Party Advisory
https://github.com/sshnet/SSH.NET/releases/tag/2020.0.2	Release Notes Third Party Advisory
https://github.com/sshnet/SSH.NET/security/advisories/GHSA-72p8-v4hg-v45p	Exploit Mitigation Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-05-31T16:35:11

Updated: 2022-05-31T16:35:11

Reserved: 2022-04-13T00:00:00

Link: CVE-2022-29245

JSON object: View

NVD Information

Status : Modified

Published: 2022-05-31T17:15:07.837

Modified: 2023-11-07T03:45:59.683

Link: CVE-2022-29245

JSON object: View

Redhat Information

No data.

CWE

CWE-338

{"containers": {"cna": {"affected": [{"product": "SSH.NET", "vendor": "sshnet", "versions": [{"status": "affected", "version": ">= 2020.0.0, < 2020.0.2"}]}], "descriptions": [{"lang": "en", "value": "SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client\u2019s private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-338", "description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-31T16:35:11", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sshnet/SSH.NET/security/advisories/GHSA-72p8-v4hg-v45p"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sshnet/SSH.NET/commit/03c6d60736b8f7b42e44d6989a53f9b644a091fb"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sshnet/SSH.NET/releases/tag/2020.0.2"}], "source": {"advisory": "GHSA-72p8-v4hg-v45p", "discovery": "UNKNOWN"}, "title": "Weak private key generation in SSH.NET", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-29245", "STATE": "PUBLIC", "TITLE": "Weak private key generation in SSH.NET"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SSH.NET", "version": {"version_data": [{"version_value": ">= 2020.0.0, < 2020.0.2"}]}}]}, "vendor_name": "sshnet"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client\u2019s private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"}]}]}, "references": {"reference_data": [{"name": "https://github.com/sshnet/SSH.NET/security/advisories/GHSA-72p8-v4hg-v45p", "refsource": "CONFIRM", "url": "https://github.com/sshnet/SSH.NET/security/advisories/GHSA-72p8-v4hg-v45p"}, {"name": "https://github.com/sshnet/SSH.NET/commit/03c6d60736b8f7b42e44d6989a53f9b644a091fb", "refsource": "MISC", "url": "https://github.com/sshnet/SSH.NET/commit/03c6d60736b8f7b42e44d6989a53f9b644a091fb"}, {"name": "https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51", "refsource": "MISC", "url": "https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51"}, {"name": "https://github.com/sshnet/SSH.NET/releases/tag/2020.0.2", "refsource": "MISC", "url": "https://github.com/sshnet/SSH.NET/releases/tag/2020.0.2"}]}, "source": {"advisory": "GHSA-72p8-v4hg-v45p", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-29245", "datePublished": "2022-05-31T16:35:11", "dateReserved": "2022-04-13T00:00:00", "dateUpdated": "2022-05-31T16:35:11", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ssh.net_project:ssh.net:2020.0.0:-:*:*:*:.net:*:*", "matchCriteriaId": "FFDC66EC-7329-4E57-BBE8-EE775C4EBF63", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh.net_project:ssh.net:2020.0.0:beta1:*:*:*:.net:*:*", "matchCriteriaId": "882F0E06-ED64-4064-9B0F-C26AC60245D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh.net_project:ssh.net:2020.0.1:*:*:*:*:.net:*:*", "matchCriteriaId": "04838499-F443-440E-912C-EB9E7BE26D25", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client\u2019s private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for `curve25519-sha256` and `curve25519-sha256@libssh.org` key exchange algorithms."}, {"lang": "es", "value": "SSH.NET es una biblioteca de Secure Shell (SSH) para .NET. En versiones 2020.0.0 y 2020.0.1, durante un intercambio de claves \"X25519\", la clave privada del cliente se genera con \"System.Random\". \"System.Random\" no es un generador de n\u00fameros aleatorios criptogr\u00e1ficamente seguro, por lo que no debe ser usado con fines criptogr\u00e1ficos. Cuando es establecida una conexi\u00f3n SSH con un host remoto, durante el intercambio de claves X25519, la clave privada es generada con un generador de n\u00fameros aleatorios d\u00e9bil cuya semilla puede ser forzada. Esto permite que un atacante que sea capaz de espiar las comunicaciones las descifre. La versi\u00f3n 2020.0.2 contiene un parche para este problema. Como mitigaci\u00f3n, puede deshabilitarse el soporte para los algoritmos de intercambio de claves \"curve25519-sha256\" y \"curve25519-sha256@libssh.org\""}], "id": "CVE-2022-29245", "lastModified": "2023-11-07T03:45:59.683", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-05-31T17:15:07.837", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/sshnet/SSH.NET/commit/03c6d60736b8f7b42e44d6989a53f9b644a091fb"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/sshnet/SSH.NET/releases/tag/2020.0.2"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/sshnet/SSH.NET/security/advisories/GHSA-72p8-v4hg-v45p"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-338"}], "source": "security-advisories@github.com", "type": "Primary"}]}