OpenSSH Unintended ECDSA Algorithm Acceptance Vulnerability

Vulnerability

A vulnerability exists in OpenSSH versions prior to 10.3 in the handling of ECDSA algorithm names in the PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms directives. If any single ECDSA algorithm is listed, the directive is incorrectly interpreted as permitting every ECDSA algorithm, so the configured restriction is not enforced as written and authentication may not behave as the administrator intended.

Impact

This vulnerability could result in improper authentication: ECDSA algorithms the administrator did not list are accepted anyway, potentially leading to unauthorized access or actions.

Remediation

Upgrade to OpenSSH version 10.3 or later, where this vulnerability has been addressed.
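The following audit script is an added example written for this advisory; it is not code from the OpenSSH project or from the advisory's publisher. It reads sshd_config text, finds PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms lines, and reports any directive that names some but not all ECDSA algorithms when the server banner is older than 10.3, since on those versions the listed subset is not the subset that is actually enforced. The set of ECDSA algorithm names in ECDSA_ALGORITHMS is supplied by the example (the OpenSSH spellings), not by the advisory, and the sample configuration and banner strings are constructed for illustration.

```python
"""Audit sshd_config for ECDSA entries in the two affected directives.

Added example for the advisory above; not OpenSSH code. Assumptions:
the fixed version is 10.3 (from the advisory), the ECDSA algorithm
names below are the OpenSSH spellings, and the sample config is
constructed.
"""
import re

AFFECTED_DIRECTIVES = ("pubkeyacceptedalgorithms", "hostbasedacceptedalgorithms")
FIXED_VERSION = (10, 3)  # from the advisory: fixed in OpenSSH 10.3

# ECDSA public-key algorithm names as OpenSSH spells them (assumption:
# supplied by this example, not by the advisory).
ECDSA_ALGORITHMS = frozenset([
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
    "ecdsa-sha2-nistp256-cert-v01@openssh.com",
    "ecdsa-sha2-nistp384-cert-v01@openssh.com",
    "ecdsa-sha2-nistp521-cert-v01@openssh.com",
    "sk-ecdsa-sha2-nistp256@openssh.com",
    "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com",
])

# Constructed sample: one directive lists a single ECDSA algorithm, the
# other lists none. Lines starting with '#' are comments in sshd_config.
SAMPLE_SSHD_CONFIG = """\
# constructed sample sshd_config for this example
Port 22
PubkeyAcceptedAlgorithms ssh-ed25519,ecdsa-sha2-nistp521
HostbasedAcceptedAlgorithms ssh-ed25519
KexAlgorithms curve25519-sha256
"""


def parse_version(banner):
    """Return (major, minor) from a banner such as 'OpenSSH_9.9p1'."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("not an OpenSSH version banner: %r" % banner)
    return int(m.group(1)), int(m.group(2))


def is_affected(banner):
    """True when the banner version is older than the fixed release."""
    return parse_version(banner) < FIXED_VERSION


def parse_directives(config_text):
    """Yield (keyword, prefix, algorithms) for the two affected directives.

    Keywords are case-insensitive. The value is a comma-separated list
    that may be led by '+', '-' or '^' (append to, remove from, or
    prepend to the default list).
    """
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip()
        if keyword not in AFFECTED_DIRECTIVES:
            continue
        prefix = ""
        if value[:1] in ("+", "-", "^"):
            prefix, value = value[0], value[1:]
        algorithms = [a.strip() for a in value.split(",") if a.strip()]
        yield keyword, prefix, algorithms


def audit(config_text, banner):
    """Return one finding per directive that names some, but not all,
    ECDSA algorithms on an affected version; empty list otherwise."""
    findings = []
    if not is_affected(banner):
        return findings
    for keyword, prefix, algorithms in parse_directives(config_text):
        listed = [a for a in algorithms if a in ECDSA_ALGORITHMS]
        unlisted = sorted(ECDSA_ALGORITHMS - set(listed))
        if listed and unlisted:
            findings.append({
                "directive": keyword,
                "prefix": prefix,
                "listed": listed,
                "also_accepted_when_unfixed": unlisted,
            })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_SSHD_CONFIG, "OpenSSH_9.9p1"):
        print("%s%s lists %s; on versions before 10.3 this also admits: %s"
              % (f["directive"], (" (" + f["prefix"] + ")") if f["prefix"] else "",
                 ", ".join(f["listed"]), ", ".join(f["also_accepted_when_unfixed"])))
```

Run it against the real file with the server's own banner, for example `audit(open("/etc/ssh/sshd_config").read(), "OpenSSH_9.9p1")`; an empty result on a version at or above 10.3 is expected, because the check only reports where the advisory applies. Match blocks and Include files are not followed here, so directives inside them need a separate pass.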

Added: Apr 2, 2026, 7:20 PM
Updated: Apr 2, 2026, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread          9.4
impact          0.6
exploitability  7.6
remediation     7.7
relevance       5.1
threat          0.0
urgency         2.9
incentive       4.2

Our algorithm analyzes dozens of metrics to produce these 8 vulnerability categories, which are then combined into the overall risk score.