{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T16:21:31.013","vulnerabilities":[{"cve":{"id":"CVE-2024-2873","sourceIdentifier":"facts@wolfssl.com","published":"2024-03-25T22:37:19.847","lastModified":"2025-12-05T20:09:27.363","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access.\n"},{"lang":"es","value":"Se encontró una vulnerabilidad en la máquina de estado del lado del servidor de wolfSSH antes de las versiones 1.4.17. Un cliente malintencionado podría crear canales sin realizar primero la autenticación del usuario, lo que provocaría un acceso no autorizado."}],"metrics":{"cvssMetricV31":[{"source":"facts@wolfssl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"facts@wolfssl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wolfssh:wolfssh:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.17","matchCriteriaId":"9F84F99B-681F-43B2-BEA5-B3ED6BFABC3D"}]}]}],"references":[{"url":"https://github.com/wolfSSL/wolfssh/pull/670","source":"facts@wolfssl.com","tags":["Issue Tracking"]},{"url":"https://github.com/wolfSSL/wolfssh/pull/671","source":"facts@wolfssl.com","tags":["Issue Tracking"]},{"url":"https://www.wolfssl.com/docs/security-vulnerabilities/","source":"facts@wolfssl.com","tags":["Vendor Advisory"]},{"url":"https://github.com/wolfSSL/wolfssh/pull/670","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/wolfSSL/wolfssh/pull/671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://www.wolfssl.com/docs/security-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}