{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-51385","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2026-05-12T11:21:37.418Z","dateReserved":"2023-12-18T00:00:00.000Z","datePublished":"2023-12-18T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-03-13T21:08:08.727Z"},"descriptions":[{"lang":"en","value":"In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://www.openssh.com/txt/release-9.6"},{"url":"https://www.openwall.com/lists/oss-security/2023/12/18/2"},{"url":"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a"},{"name":"DSA-5586","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2023/dsa-5586"},{"url":"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html"},{"name":"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"},{"name":"[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2023/12/26/4"},{"name":"GLSA-202312-17","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/202312-17"},{"url":"https://security.netapp.com/advisory/ntap-20240105-0005/"},{"url":"https://support.apple.com/kb/HT214084"},{"name":"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4","tags":["mailing-list"],"url":"http://seclists.org/fulldisclosure/2024/Mar/21"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"title":"CVE Program Container","references":[{"url":"https://www.openssh.com/txt/release-9.6","tags":["x_transferred"]},{"url":"https://www.openwall.com/lists/oss-security/2023/12/18/2","tags":["x_transferred"]},{"url":"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a","tags":["x_transferred"]},{"name":"DSA-5586","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2023/dsa-5586"},{"url":"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html","tags":["x_transferred"]},{"name":"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"},{"name":"[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2023/12/26/4"},{"name":"GLSA-202312-17","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/202312-17"},{"url":"https://security.netapp.com/advisory/ntap-20240105-0005/","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT214084","tags":["x_transferred"]},{"name":"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4","tags":["mailing-list","x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Mar/21"},{"url":"http://www.openwall.com/lists/oss-security/2025/10/07/1"},{"url":"http://www.openwall.com/lists/oss-security/2025/10/12/1"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T21:08:30.097Z"}},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-78","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":6.5,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","integrityImpact":"LOW","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-08-15T14:20:00.630258Z","id":"CVE-2023-51385","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-18T14:49:19.304Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T11:21:37.418Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-794697.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-769027.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"}]}]}}