Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by ovh

    CVE-2025-59339 (GCVE-0-2025-59339)

    Vulnerability from nvd – Published: 2025-09-17 17:50 – Updated: 2025-09-17 18:09
    VLAI
    Title
    The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script
    Summary
    The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, if configured to. When running, the script properly rotates and encrypts the files using the provided GPG key(s), but silently fails to sign them, even if asked to.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-325 - Missing Cryptographic Step
    Assigner
    References
    Impacted products
    Vendor Product Version
    ovh the-bastion Affected: < 3.22.00
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59339",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-17T18:08:36.241076Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-17T18:09:55.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "the-bastion",
              "vendor": "ovh",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.22.00"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, if configured to. When running, the script properly rotates and encrypts the files using the provided GPG key(s), but silently fails to sign them, even if asked to."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-325",
                  "description": "CWE-325: Missing Cryptographic Step",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-17T17:50:34.877Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ovh/the-bastion/security/advisories/GHSA-h66q-g57p-rgg6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-h66q-g57p-rgg6"
            },
            {
              "name": "https://github.com/ovh/the-bastion/commit/9bc85ec3f4b724f903773ba64909777c4826a13f",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ovh/the-bastion/commit/9bc85ec3f4b724f903773ba64909777c4826a13f"
            }
          ],
          "source": {
            "advisory": "GHSA-h66q-g57p-rgg6",
            "discovery": "UNKNOWN"
          },
          "title": "The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-59339",
        "datePublished": "2025-09-17T17:50:34.877Z",
        "dateReserved": "2025-09-12T12:36:24.635Z",
        "dateUpdated": "2025-09-17T18:09:55.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45140 (GCVE-0-2023-45140)

    Vulnerability from nvd – Published: 2023-11-08 15:26 – Updated: 2024-09-12 19:10
    VLAI
    Title
    Group-based JIT MFA bypass on scp and sftp in The Bastion
    Summary
    The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don't honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This abnormal behavior only applies to per-group-based JIT MFA. Other MFA setup types, such as Immediate MFA, JIT MFA on a per-plugin basis and JIT MFA on a per-account basis are not affected. This issue has been patched in version 3.14.15.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    ovh the-bastion Affected: >= 3.0.0, <= 3.14.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:14:19.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x"
              },
              {
                "name": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-04T14:25:53.100320Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T19:10:42.145Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "the-bastion",
              "vendor": "ovh",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0, \u003c= 3.14.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don\u0027t honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This abnormal behavior only applies to per-group-based JIT MFA. Other MFA setup types, such as Immediate MFA, JIT MFA on a per-plugin basis and JIT MFA on a per-account basis are not affected. This issue has been patched in version 3.14.15."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-08T15:26:26.584Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x"
            },
            {
              "name": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15"
            }
          ],
          "source": {
            "advisory": "GHSA-pr4q-w883-pf5x",
            "discovery": "UNKNOWN"
          },
          "title": "Group-based JIT MFA bypass on scp and sftp in The Bastion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-45140",
        "datePublished": "2023-11-08T15:26:26.584Z",
        "dateReserved": "2023-10-04T16:02:46.329Z",
        "dateUpdated": "2024-09-12T19:10:42.145Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-59339 (GCVE-0-2025-59339)

    Vulnerability from cvelistv5 – Published: 2025-09-17 17:50 – Updated: 2025-09-17 18:09
    VLAI
    Title
    The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script
    Summary
    The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, if configured to. When running, the script properly rotates and encrypts the files using the provided GPG key(s), but silently fails to sign them, even if asked to.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-325 - Missing Cryptographic Step
    Assigner
    References
    Impacted products
    Vendor Product Version
    ovh the-bastion Affected: < 3.22.00
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59339",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-17T18:08:36.241076Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-17T18:09:55.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "the-bastion",
              "vendor": "ovh",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.22.00"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, if configured to. When running, the script properly rotates and encrypts the files using the provided GPG key(s), but silently fails to sign them, even if asked to."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-325",
                  "description": "CWE-325: Missing Cryptographic Step",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-17T17:50:34.877Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ovh/the-bastion/security/advisories/GHSA-h66q-g57p-rgg6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-h66q-g57p-rgg6"
            },
            {
              "name": "https://github.com/ovh/the-bastion/commit/9bc85ec3f4b724f903773ba64909777c4826a13f",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ovh/the-bastion/commit/9bc85ec3f4b724f903773ba64909777c4826a13f"
            }
          ],
          "source": {
            "advisory": "GHSA-h66q-g57p-rgg6",
            "discovery": "UNKNOWN"
          },
          "title": "The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2025-59339",
        "datePublished": "2025-09-17T17:50:34.877Z",
        "dateReserved": "2025-09-12T12:36:24.635Z",
        "dateUpdated": "2025-09-17T18:09:55.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45140 (GCVE-0-2023-45140)

    Vulnerability from cvelistv5 – Published: 2023-11-08 15:26 – Updated: 2024-09-12 19:10
    VLAI
    Title
    Group-based JIT MFA bypass on scp and sftp in The Bastion
    Summary
    The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don't honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This abnormal behavior only applies to per-group-based JIT MFA. Other MFA setup types, such as Immediate MFA, JIT MFA on a per-plugin basis and JIT MFA on a per-account basis are not affected. This issue has been patched in version 3.14.15.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    ovh the-bastion Affected: >= 3.0.0, <= 3.14.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:14:19.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x"
              },
              {
                "name": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-04T14:25:53.100320Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T19:10:42.145Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "the-bastion",
              "vendor": "ovh",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 3.0.0, \u003c= 3.14.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don\u0027t honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This abnormal behavior only applies to per-group-based JIT MFA. Other MFA setup types, such as Immediate MFA, JIT MFA on a per-plugin basis and JIT MFA on a per-account basis are not affected. This issue has been patched in version 3.14.15."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-08T15:26:26.584Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ovh/the-bastion/security/advisories/GHSA-pr4q-w883-pf5x"
            },
            {
              "name": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/ovh/the-bastion/releases/tag/v3.14.15"
            }
          ],
          "source": {
            "advisory": "GHSA-pr4q-w883-pf5x",
            "discovery": "UNKNOWN"
          },
          "title": "Group-based JIT MFA bypass on scp and sftp in The Bastion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-45140",
        "datePublished": "2023-11-08T15:26:26.584Z",
        "dateReserved": "2023-10-04T16:02:46.329Z",
        "dateUpdated": "2024-09-12T19:10:42.145Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }