Erlang/OTP SSH Server の認証されないリモートコマンドの実行 (CVE-2025-32433) (Direct Check)

critical Nessus プラグイン ID 242072

Language:

バージョン 1.9 Oct 21, 2025, 3:09 AM Logic Changes (Implement workaround in SSH library to prevent triggering an engine bug.) Plugin Feed: 202510210309
バージョン 1.8 Oct 16, 2025, 4:39 PM Logic Changes (Implement workaround in HTTP library to prevent triggering an engine bug.) Plugin Feed: 202510161639
バージョン 1.6 Oct 1, 2025, 9:12 PM Logic Changes (Adding support for user-supplied header added to all HTTP requests.) Plugin Feed: 202510012112
バージョン 1.5 Sep 30, 2025, 12:41 AM Logic Changes (Add extra checks to see whether plugins should run. Modernisation of the HTTP/1 library. Various corrections and fixes for CPE related Flatline Test Failures. Remove spurious authentication header.) Plugin Feed: 202509300041
バージョン 1.4 Aug 26, 2025, 7:20 AM Logic Changes Plugin Feed: 202508260720
バージョン 1.3 Jul 28, 2025, 4:47 PM Logic Changes (RSA SSH certificates can use SHA2 signatures when needed) Plugin Feed: 202507281647
バージョン 1.2 Jul 16, 2025, 6:26 PM Exploit attributes ("Exploit available" set to "True") CISA reference CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploit framework metasploit" set to "True") Exploit attributes ("Exploitability ease" set to "Exploits are available") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202507161826
バージョン 1.1 Jul 15, 2025, 2:39 AM New Plugin Feed: 202507150239

* Changelogs are generally available for changes made after Nov 1, 2022