Table of Contents
This issue affects the scp client shipped with openssh. The SSH protocol or the SSH client is not affected. For more detailed analysis please refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1666119#c3
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||3.1|
|CVSS3 Base Metrics||CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N|
This issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary.
CVE description copyright © 2017, The MITRE Corporation