CVE
CVE-2018-20685
| CVE ID |
CVE-2018-20685
|
|---|---|
| CVSS Score |
5.3
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
7.4p1-23_ol001.el7
|
| Patch Date |
|
Additional Information
NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.