CVE-2025-32728 | THREATINT

Description

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

PUBLISHED Reserved 2025-04-10 | Published 2025-04-10 | Updated 2025-05-08 | Assigner mitre

MEDIUM: 4.3CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Problem types

CWE-440 Expected Behavior Violation

Product status

Default status

unaffected

7.4 (custom) before 10.0

affected

References

security.netapp.com/advisory/ntap-20250425-0002/

lists.debian.org/debian-lts-announce/2025/05/msg00008.html

lists.mindrot.org/...openssh-unix-dev/2025-April/041879.html

www.openssh.com/txt/release-10.0

github.com/...ommit/fc86875e6acb36401dfc1dfb6b628a9d1460f367

ftp.openbsd.org/...nBSD/patches/7.6/common/013_ssh.patch.sig

www.openssh.com/txt/release-7.4

cve.org (CVE-2025-32728)

nvd.nist.gov (CVE-2025-32728)

Download JSON