CVE-2022-29245 (Medium) detected in ssh.net.2020.0.1.nupkg #9
Description
CVE-2022-29245 - Medium Severity Vulnerability
Vulnerable Library - ssh.net.2020.0.1.nupkg
A Secure Shell (SSH) library for .NET, optimized for parallelism.
Library home page: https://api.nuget.org/packages/ssh.net.2020.0.1.nupkg
Path to dependency file: /Activities/FTP/UiPath.FTP.Activities/UiPath.FTP.Activities.csproj
Path to vulnerable library: /tmp/ws-ua_20230620162214_SSRFPG/dotnet_EGMXVM/20230620162214/ssh.net/2020.0.1/ssh.net.2020.0.1.nupkg
Dependency Hierarchy:
- ❌ ssh.net.2020.0.1.nupkg (Vulnerable Library)
Found in HEAD commit: 0c6513d8fe51047cbb7f6a41f2c1a1a25712e96a
Found in base branch: develop
Vulnerability Details
SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an "X25519" key exchange, the client’s private key is generated with "System.Random". "System.Random" is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an attacker who is able to eavesdrop on the communications to decrypt them. Version 2020.0.2 contains a patch for this issue. As a workaround, one may disable support for "curve25519-sha256" and "curve25519-sha256@libssh.org" key exchange algorithms.
Publish Date: 2022-05-31
URL: CVE-2022-29245
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29245
Release Date: 2022-05-31
Fix Resolution: SSH.NET - 2020.0.2
- Check this box to open an automated fix PR