34.84.57.22
{
"scan_id": 1765408089,
"ip": "34.84.57.22",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "34.84.0.0/18",
"postal_code": "151-0053",
"coordinates": {
"latitude": "35.6893",
"longitude": "139.6899"
},
"geo_point": "35.6893, 139.6899",
"locale_code": "en",
"continent": "Asia",
"country_code": "JP",
"country_name": "Japan",
"city": "Tokyo"
},
"location_updated_at": "2025-12-13T08:10:48Z",
"asn": {
"number": "AS396982",
"organization": "GOOGLE-CLOUD-PLATFORM",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "34.64.0.0/10",
"organization": "Google LLC",
"descr": "Google LLC",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-10T00:25:38Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-12-13T08:10:48Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-12-13T08:14:53Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-12-13T08:10:48Z"
}
],
"hostnames": [
{
"name": "22.57.84.34.bc.googleusercontent.com",
"last_updated_at": "2025-12-13T08:14:53Z"
}
],
"services": [
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "9.9",
"product": "OpenSSH",
"extra_info": "protocol 2.0",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:openbsd:openssh:9.9",
"part": "a",
"vendor": "openbsd",
"product": "openssh",
"version": "9\\.9",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ssh": {
"banner": "SSH-2.0-OpenSSH_9.9",
"client_to_server_ciphers": [
"[email protected]",
"[email protected]",
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr"
],
"client_to_server_compression": [
"none",
"[email protected]"
],
"client_to_server_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"host_key_algorithms": [
"rsa-sha2-512",
"rsa-sha2-256",
"ssh-ed25519"
],
"kex_algorithms": [
"sntrup761x25519-sha512",
"[email protected]",
"mlkem768x25519-sha256",
"curve25519-sha256",
"[email protected]",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"diffie-hellman-group16-sha512",
"diffie-hellman-group18-sha512",
"diffie-hellman-group14-sha256",
"ext-info-s",
"[email protected]"
],
"key": {
"algorithm": "ssh-ed25519",
"fingerprint_sha256": "aba5707a7378509c205b05a9920e040342086920cf33517b4958bc5bc79f081c",
"raw": "AAAAC3NzaC1lZDI1NTE5AAAAILP8D3C+gOo1xt+HfHbVRrlsP//qEAeM8KsqF8Tc7ZOH"
},
"server_to_client_ciphers": [
"[email protected]",
"[email protected]",
"[email protected]",
"aes128-ctr",
"aes192-ctr",
"aes256-ctr"
],
"server_to_client_compression": [
"none",
"[email protected]"
],
"server_to_client_macs": [
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"[email protected]",
"hmac-sha2-256",
"hmac-sha2-512",
"hmac-sha1"
],
"software": "OpenSSH_9.9",
"version": "2.0"
}
},
"cve": [
{
"id": "CVE-2007-2768",
"score": 4.3,
"severity": "medium"
},
{
"id": "CVE-2008-3844",
"score": 9.3,
"severity": "high"
},
{
"id": "CVE-2023-51767",
"score": 7,
"severity": "high"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-07T23:10:03.59Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Golang net/http server",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:golang:go",
"part": "a",
"vendor": "golang",
"product": "go",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "ok",
"body_murmur": -341126049,
"body_sha256": "2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df",
"content_length": 2,
"headers": {
"content_length": [
"2"
],
"content_type": [
"text/plain; charset=utf-8"
],
"date": [
"Sun, 14 Dec 2025 00:01:03 GMT"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "34.84.57.22",
"path": "",
"scheme": "http"
}
},
"status_code": 200
}
},
"cve": [
{
"id": "CVE-2023-24532",
"score": 5.3,
"severity": "medium"
}
],
"url": "http://34.84.57.22/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-14T00:01:04.234Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Golang net/http server",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:golang:go",
"part": "a",
"vendor": "golang",
"product": "go",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "ok",
"body_murmur": -341126049,
"body_sha256": "2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df",
"content_length": 2,
"headers": {
"content_length": [
"2"
],
"content_type": [
"text/plain; charset=utf-8"
],
"date": [
"Sat, 13 Dec 2025 12:08:29 GMT"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "34.84.57.22",
"path": "",
"scheme": "https"
}
},
"status_code": 200
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "7f3af7becd7c7853330be8ede7619089d50dfeba",
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"subject_key_id": "74ea74cb88b03fc00fe0c70090257ff3e756aa50"
},
"fingerprint_md5": "0B50A6F94BEBCB78583C369780736995",
"fingerprint_sha1": "FAD1CB15FF4694A9943C131940FC9EACCD581620",
"fingerprint_sha256": "4DD6B50E74A519598A5074C0C2F3A9CF4606760D407BC5150033EE1BCDBEAD15",
"issuer": {
"common_name": [
"Bogus IA"
],
"country": [
"US"
],
"email_address": [
"[email protected]"
],
"organization": [
"BogusIA"
],
"province": [
"MA"
]
},
"issuer_dn": "/CN=Bogus IA/ST=MA/C=US/[email protected]/O=BogusIA",
"jarm": "3fd3fd00000000000043d43d00043d32c43d8acf7f98719049050401317871",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "4097",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "MzUzYWFiN2JiMzFkN2Y4ODQyZDVhZDNjNTFkYmI5NjgwMjRiM2JlMzY2OWJmNGQ2OTA0NDE2NmQ3MmJiMDdhNGI2OTIzNjU3YmY1ZTk0NDA4NGM3NjYzZjhhYjM3NGZmMjRjMjBjZjUzYmQ5MjJhN2I1ZWUwMjU0MDZmNzVjODc4OWNkOTM0ZmQ5NDA5MTc2ZGQwMmM3Y2QzYWNmNmQyYTRiMWJkYzZkM2JlMjg3YjdlNDYxMTZiNmZjYjE0N2I2MWUwMWI5YTYyNTNkNDc0N2YwMzQ2YzVkMDRiNjgwM2UxNGZlNGM0ZmVlZGMyNmRhMzdiOTg0MDY5OWM2MmY4NjE2MWY3MjI0ZjRlOTIyYzA0ZTMzMWM0M2I5ZDVmMjk1NDBjOTdkOGQyNDZmYzZlMGRkZGYwNTUwYTI5NmExODRhZTM5MmQyOThiZDJiYTc1NThlMjU1YTZlNjk0YzZhYThmMjM3YjBkZmU4MzI5M2U1NWJkOTk4MWZlYTYwZmMwMGZhYjg3ZTA0MjhmYWZkYzllNGVlYjk4MzYyNzk1Nzc0MjM1MzA4OWY4ZGJmY2QyYmIyMzc1ZDNhYTI2NWZkYjYxMzFkMGYyZGM0ZWM1YTAzYTFmNDY1ZmU3OWI3ZTk5Y2JlMmU1ZTM4MDUxZDUzNzRmYjVkNzcxOTQ1ZDU4MzEzMDUxMWIyZjU5NTIzNzU4ODNhMzYzODkzZmMzYzI0MDllYWYzZjljMjcyM2Y4NDQxNTg3MzM3NTc1YmJiNzIwODA3ODE5MDIyNDQzYzVkZjhiZWQ2NWNlNzU4YzcyNzBlNDMyYTdmZmM0MTI5NDkzZjkxMWFjMjY3OGQ2OWNkMWIzYmRmNmI4Y2NhMzk3OWJjMjljMDdlZmNmMmUxMWU5MjY2NTAyYTRlZDBhZDU3N2M2ZTZjYWZhZmQxYWYxZWU5MmUyMTNmZWQzMDM2ZDAxMzQwNzlkNjVkNGRmZmZmMjMxZmRmZjAzZTAyM2ZmOGVmNDU2NzM4OTI1MGJlZmMwZWUzMDhhMDE1OTUyMTg3YjVlN2MzY2U0OGYzOWI5MzUwMzdkODY3YzM0ODA5NzllNWZjNWQyYjY5N2U1MjMwOGU2MjhlOGVjNTIyNGIyOWZiYTc3ZGUzODMyOGU5YjNlY2NjNjZkMTFlY2ExZDZlYTM5YmJjYzM2MGQ4MWJkNzM1YjBmNmQwM2E0Y2JiMDczNjQwNTRkMmU4MGE2NTMyMmRlZWZlOWQyNGRlNDhhMWQyM2RlZDlkZTE0ZTkzZTVhMjYyZDQyMmRiNGNjNGQ3MTcxMTBiYzAxMGI5MDZmYTI1ZGNhNDY1ODYyNjllNWMyZDhmNDkzYWM1YzM5ZDM0ZA=="
},
"subject": {
"common_name": [
"main-rsa"
],
"country": [
"US"
],
"email_address": [
"[email protected]"
],
"organization": [
"Bogus"
],
"province": [
"MA"
]
},
"subject_alt_name": {
"dns_names": [
"main-rsa"
],
"extended_dns_names": []
},
"subject_dn": "/CN=main-rsa/ST=MA/C=US/[email protected]/O=Bogus",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "e3c66957597d054a34b89c8838f879e5a389e8bf94c9b3c03574d36c07c03601",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhiZDYzNTc1NjY2YzE4ZWUyMzgwZDZmMzFhZGNlMjdlYzg5ZDFkYmQ0ZTMyYTY0NDJkMGRjZmQwNTc5MDA3MzljOGZhYjU1ZjE1ZDQ4NmI5MThjYzYxNjNhMzljMDdhNTZiNWUwOGU3YmFiZDdlNjU3ZGQzNWFjYTEwODAyYTMzMzdmNjM0ZTgzZjE1MmMwMmU4ZGNjMjYwNmJhZGMxM2JmMzk5NDIyMDAwMGVmYjY3NTAyODg0YzQ0YTdiNDk2ZDc1MjlhM2Q0ZjNjYTNkNzNkMjg2YmYwNzM4NDk3MDdmZDM5YmU1NGU2YTU2ZmFiN2FkYzlhMjJjZmE3NWE2MjMzZTg5MTI2MWUzNDkzNTVlZTFiNDYxOWY4NzIxYWJkNjMzZmUyOTg2NzJiMTg3OTYxNDkwNmEzMWFkN2VmNTRmNjY2NWMwYzk3ZTljY2JmNDI5YTEyNTA5ZTNjZDcxYTIxYjZhYmFlM2M2YjhhODMwOTk5OTM5YjQwMWZmYjQ5N2ZhNGIyMDljZjM3NzhmMmU4MTFhYTM5NmQ1ZWVhMDBmMmExMzM2YjE1ZmYwMDM0NmNmMjRiYWZhYzU2ZDc3NzU5ZjQ0YjMyOTk5YzE3YzgxZTg5NjA1ODk5ZWNkYjMzZWRkYWMyYTk2MGIxY2IzMGJhZDk5OGRiNmJjZWVlMDEwOQ=="
}
},
"tbs_fingerprint": "044151bcdf2924e82fac32a3d5632ef3054e45b8bb38850ea03adb1f029e9b61",
"validation_level": "OV",
"validity": {
"length_seconds": 315360000,
"not_after": "2032-06-28T18:05:09",
"not_before": "2022-07-01T18:05:09"
},
"version": 2
},
"fingerprint_sha256": "4DD6B50E74A519598A5074C0C2F3A9CF4606760D407BC5150033EE1BCDBEAD15",
"precert": false,
"raw": "MIIEpzCCAo+gAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwYjERMA8GA1UEAwwIQm9ndXMgSUExCzAJBgNVBAgMAk1BMQswCQYDVQQGEwJVUzEhMB8GCSqGSIb3DQEJARYSYm9ndXNAYm9ndXMtaWEuY29tMRAwDgYDVQQKDAdCb2d1c0lBMB4XDTIyMDcwMTE4MDUwOVoXDTMyMDYyODE4MDUwOVowXTERMA8GA1UEAwwIbWFpbi1yc2ExCzAJBgNVBAgMAk1BMQswCQYDVQQGEwJVUzEeMBwGCSqGSIb3DQEJARYPYm9ndXNAYm9ndXMuY29tMQ4wDAYDVQQKDAVCb2d1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL1jV1ZmwY7iOA1vMa3OJ+yJ0dvU4ypkQtDc/QV5AHOcj6tV8V1Ia5GMxhY6OcB6VrXgjnur1+ZX3TWsoQgCozN/Y06D8VLALo3MJga63BO/OZQiAADvtnUCiExEp7SW11KaPU88o9c9KGvwc4SXB/05vlTmpW+retyaIs+nWmIz6JEmHjSTVe4bRhn4chq9Yz/imGcrGHlhSQajGtfvVPZmXAyX6cy/QpoSUJ481xohtquuPGuKgwmZk5tAH/tJf6SyCc83ePLoEao5bV7qAPKhM2sV/wA0bPJLr6xW13dZ9EsymZwXyB6JYFiZ7Nsz7drCqWCxyzC62Zjba87uAQkCAwEAAaNsMGowCQYDVR0TBAIwADAdBgNVHQ4EFgQUdOp0y4iwP8AP4McAkCV/8+dWqlAwHwYDVR0jBBgwFoAUfzr3vs18eFMzC+jt52GQidUN/rowHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4ICAQA1Oqt7sx1/iELVrTxR27loAks742ab9NaQRBZtcrsHpLaSNle/XpRAhMdmP4qzdP8kwgz1O9kip7XuAlQG91yHic2TT9lAkXbdAsfNOs9tKksb3G074oe35GEWtvyxR7YeAbmmJT1HR/A0bF0EtoA+FP5MT+7cJto3uYQGmcYvhhYfciT06SLATjMcQ7nV8pVAyX2NJG/G4N3fBVCilqGErjktKYvSunVY4lWm5pTGqo8jew3+gyk+Vb2Zgf6mD8APq4fgQo+v3J5O65g2J5V3QjUwifjb/NK7I3XTqiZf22Ex0PLcTsWgOh9GX+ebfpnL4uXjgFHVN0+113GUXVgxMFEbL1lSN1iDo2OJP8PCQJ6vP5wnI/hEFYczdXW7tyCAeBkCJEPF34vtZc51jHJw5DKn/8QSlJP5EawmeNac0bO99rjMo5ebwpwH788uEekmZQKk7QrVd8bmyvr9GvHukuIT/tMDbQE0B51l1N//8jH9/wPgI/+O9FZziSUL78DuMIoBWVIYe158POSPObk1A32GfDSAl55fxdK2l+UjCOYo6OxSJLKfunfeODKOmz7Mxm0R7KHW6jm7zDYNgb1zWw9tA6TLsHNkBU0ugKZTIt7v6dJN5IodI97Z3hTpPlomLUIttMxNcXEQvAELkG+iXcpGWGJp5cLY9JOsXDnTTQ==",
"tags": [
"ov",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-2023-24532",
"score": 5.3,
"severity": "medium"
}
],
"url": "https://34.84.57.22/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-14T01:11:56.569Z"
}
],
"services_hash": "95c006103cd55ccf059f4c0428bb516b6f3f647d744e78a7dbca11b265571d27",
"last_updated_at": "2025-12-14T01:11:56.569Z",
"banner": [
"http",
"tls",
"ssh"
],
"is_vuln": true,
"cveDetails": {
"CVE-2007-2768": {
"id": "CVE-2007-2768",
"references": [
"http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html",
"http://www.osvdb.org/34601",
"https://security.netapp.com/advisory/ntap-20191107-0002/",
"http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html",
"http://www.osvdb.org/34601",
"https://security.netapp.com/advisory/ntap-20191107-0002/"
],
"score": 4.3,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2008-3844": {
"id": "CVE-2008-3844",
"references": [
"http://secunia.com/advisories/31575",
"http://secunia.com/advisories/32241",
"http://securitytracker.com/id?1020730",
"http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"http://www.redhat.com/security/data/openssh-blacklist.html",
"http://www.redhat.com/support/errata/RHSA-2008-0855.html",
"http://www.securityfocus.com/bid/30794",
"http://www.vupen.com/english/advisories/2008/2821",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44747",
"http://secunia.com/advisories/31575",
"http://secunia.com/advisories/32241",
"http://securitytracker.com/id?1020730",
"http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"http://www.redhat.com/security/data/openssh-blacklist.html",
"http://www.redhat.com/support/errata/RHSA-2008-0855.html",
"http://www.securityfocus.com/bid/30794",
"http://www.vupen.com/english/advisories/2008/2821",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/44747"
],
"score": 9.3,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.",
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"weakness": "CWE-20"
},
"CVE-2023-51767": {
"id": "CVE-2023-51767",
"references": [
"https://access.redhat.com/security/cve/CVE-2023-51767",
"https://arxiv.org/abs/2309.02545",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255850",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878",
"https://security.netapp.com/advisory/ntap-20240125-0006/",
"https://ubuntu.com/security/CVE-2023-51767",
"https://www.openwall.com/lists/oss-security/2025/09/22/1",
"http://www.openwall.com/lists/oss-security/2025/09/22/1",
"http://www.openwall.com/lists/oss-security/2025/09/22/2",
"http://www.openwall.com/lists/oss-security/2025/09/23/1",
"http://www.openwall.com/lists/oss-security/2025/09/23/3",
"http://www.openwall.com/lists/oss-security/2025/09/23/4",
"http://www.openwall.com/lists/oss-security/2025/09/23/5",
"http://www.openwall.com/lists/oss-security/2025/09/24/4",
"http://www.openwall.com/lists/oss-security/2025/09/24/7",
"http://www.openwall.com/lists/oss-security/2025/09/25/2",
"http://www.openwall.com/lists/oss-security/2025/09/25/6",
"http://www.openwall.com/lists/oss-security/2025/09/26/2",
"http://www.openwall.com/lists/oss-security/2025/09/26/4",
"http://www.openwall.com/lists/oss-security/2025/09/27/1",
"http://www.openwall.com/lists/oss-security/2025/09/27/2",
"http://www.openwall.com/lists/oss-security/2025/09/27/3",
"http://www.openwall.com/lists/oss-security/2025/09/27/4",
"http://www.openwall.com/lists/oss-security/2025/09/27/5",
"http://www.openwall.com/lists/oss-security/2025/09/27/6",
"http://www.openwall.com/lists/oss-security/2025/09/27/7",
"http://www.openwall.com/lists/oss-security/2025/09/28/7",
"http://www.openwall.com/lists/oss-security/2025/09/29/1",
"http://www.openwall.com/lists/oss-security/2025/09/29/4",
"http://www.openwall.com/lists/oss-security/2025/09/29/5",
"http://www.openwall.com/lists/oss-security/2025/09/29/6",
"http://www.openwall.com/lists/oss-security/2025/10/01/1",
"http://www.openwall.com/lists/oss-security/2025/10/01/2",
"https://access.redhat.com/security/cve/CVE-2023-51767",
"https://arxiv.org/abs/2309.02545",
"https://bugzilla.redhat.com/show_bug.cgi?id=2255850",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77",
"https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878",
"https://security.netapp.com/advisory/ntap-20240125-0006/",
"https://ubuntu.com/security/CVE-2023-51767"
],
"score": 7,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. NOTE: this is disputed by the Supplier, who states \"we do not consider it to be the application's responsibility to defend against platform architectural weaknesses.\"",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-Other"
}
}
}