CVE-2021-45099
N/A
N/A
Summary
The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against complex social engineering situations
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/hassio-addons/addon-ssh/releases/tag/v10.0.0
- https://gist.github.com/Eriner/0872628519f70556d2c26c83439a9f67
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://github.com/hassio-addons/addon-ssh/releases/tag/v10.0.0
- https://gist.github.com/Eriner/0872628519f70556d2c26c83439a9f67
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.