CVE-2020-8445

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-8445

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8445.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-8445

Published

2020-01-30T01:15:10.917Z

Modified

2026-04-02T06:15:18.358337Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. In many cases, those characters are later logged. Because newlines (\n) are permitted in messages processed by ossec-analysisd, it may be possible to inject nested events into the ossec log. Use of terminal control characters may allow obfuscating events or executing commands when viewed through vulnerable terminal emulators. This may be an unauthenticated remote attack for certain types and origins of logged data.

References

Affected packages

Git / github.com/ossec/ossec-hids

Affected ranges

Type

GIT

Repo

https://github.com/ossec/ossec-hids

Events

Introduced

ec19fd9e712e8ee710ec7d29b9f1476a95913db8

Last affected

b1d087f83cd9693841f2baeede532397fbfa2d03

Database specific

{
    "versions": [
        {
            "introduced": "2.7"
        },
        {
            "last_affected": "3.5.0"
        }
    ]
}

Affected versions

2.*

2.8.1

2.8.2

2.9.0

2.9.0-beta01

2.9.0-beta02

2.9.0-beta03

2.9.0-beta04

2.9.1

2.9.2

2.9.3

2.9.4

2.9rc1

2.9rc2

2.9rc3

2.9rc4

3.*

3.0.0

3.0beta01

3.0beta02

3.0beta03

3.0beta2

3.1.0

3.2.0

3.3.0

3.4.0

3.5.0

Other

snapshot/20150112

v2.*

v2.7

v2.7.1

v2.8.0

v2.8.3

v2.9.0beta05

v2.9.0beta06

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8445.json"