{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "state": "PUBLISHED", "cveId": "CVE-2021-41617", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-05-12T10:12:20.081Z", "dateReserved": "2021-09-26T00:00:00.000Z", "datePublished": "2021-09-26T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-12-26T04:06:21.619Z" }, "descriptions": [ { "lang": "en", "value": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user." } ], "affected": [ { "vendor": "n/a", "product": "n/a", "versions": [ { "version": "n/a", "status": "affected" } ] } ], "references": [ { "url": "https://www.openssh.com/security.html" }, { "url": "https://www.openwall.com/lists/oss-security/2021/09/26/1" }, { "url": "https://www.openssh.com/txt/release-8.8" }, { "name": "FEDORA-2021-1f7339271d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" }, { "name": "FEDORA-2021-f8df0f8563", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" }, { "name": "FEDORA-2021-fa0e94198f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975" }, { "url": "https://security.netapp.com/advisory/ntap-20211014-0004/" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://www.starwindsoftware.com/security/sw-20220805-0001/" }, { "url": "https://www.tenable.com/plugins/nessus/154174" }, { "name": "DSA-5586", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" } ], "problemTypes": [ { "descriptions": [ { "type": "text", "lang": "en", "description": "n/a" } ] } ] }, "adp": [ { "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T03:15:29.208Z" }, "title": "CVE Program Container", "references": [ { "url": "https://www.openssh.com/security.html", "tags": [ "x_transferred" ] }, { "url": "https://www.openwall.com/lists/oss-security/2021/09/26/1", "tags": [ "x_transferred" ] }, { "url": "https://www.openssh.com/txt/release-8.8", "tags": [ "x_transferred" ] }, { "name": "FEDORA-2021-1f7339271d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/" }, { "name": "FEDORA-2021-f8df0f8563", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/" }, { "name": "FEDORA-2021-fa0e94198f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": [ "x_transferred" ] }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975", "tags": [ "x_transferred" ] }, { "url": "https://security.netapp.com/advisory/ntap-20211014-0004/", "tags": [ "x_transferred" ] }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": [ "x_transferred" ] }, { "url": "https://www.starwindsoftware.com/security/sw-20220805-0001/", "tags": [ "x_transferred" ] }, { "url": "https://www.tenable.com/plugins/nessus/154174", "tags": [ "x_transferred" ] }, { "name": "DSA-5586", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" } ] }, { "x_adpType": "supplier", "providerMetadata": { "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T10:12:20.081Z" }, "affected": [ { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.5", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.5", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.5", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.5", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.5", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html" } ] } ] } }