Vulnerability Details CVE-2021-45099
The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against complex social engineering situations
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2021-45099
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:1.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:1.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:1.0.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:1.0.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.0.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.0.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.0.4
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.2.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.2.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.3.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.4.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.4.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:2.5.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.2.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.3.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.4.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.4.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.5.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.5.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.6.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.7.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.7.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.7.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:3.7.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:4.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:4.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:4.0.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:4.0.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:4.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:5.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:5.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:5.0.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.2.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.2.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.3.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.3.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.3.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.3.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.4.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.4.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.4.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:6.4.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.2.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.3.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.3.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.3.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.4.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.4.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.5.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.5.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.5.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.6.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.7.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:7.8.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.0.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.0.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.0.4
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.1.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.2.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.2.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.2.2
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.2.3
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:8.2.4
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:9.0.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:9.0.1
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:9.1.0
-
cpe:2.3:a:ssh_&_web_terminal_project:ssh_&_web_terminal:9.1.1