An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-14T00:00:00
Updated: 2023-12-22T20:06:14.229897
Reserved: 2023-10-23T00:00:00
Link: CVE-2023-46445
JSON object: View
NVD Information
Status : Modified
Published: 2023-11-14T03:15:09.470
Modified: 2023-12-22T20:15:07.270
Link: CVE-2023-46445
JSON object: View
Redhat Information
No data.
CWE