CVE-2021-41393
9.8 CRITICALTeleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations
Published: 2021-09-18 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
| Vendor | Product |
|---|---|
| goteleport | teleport |
Description
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-41393
- [Patch]https://github.com/gravitational/teleport/releases/tag/v4.4.11
- [Patch]https://github.com/gravitational/teleport/releases/tag/v5.2.4
- [Patch]https://github.com/gravitational/teleport/releases/tag/v6.2.12
- [Patch]https://github.com/gravitational/teleport/releases/tag/v7.1.1
- [Patch]https://github.com/gravitational/teleport/releases/tag/v4.4.11
- [Patch]https://github.com/gravitational/teleport/releases/tag/v5.2.4
- [Patch]https://github.com/gravitational/teleport/releases/tag/v6.2.12
- [Patch]https://github.com/gravitational/teleport/releases/tag/v7.1.1
Related CVEs
Same vendor
- CVE-2021-41395 — Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted d... (6.5 MEDIUM)
- CVE-2021-41394 — Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations (5.3 MEDIUM)