{"api_version":"1","generated_at":"2026-04-23T01:43:03+00:00","cve":"CVE-2017-18001","urls":{"html":"https://cve.report/CVE-2017-18001","api":"https://cve.report/api/cve/CVE-2017-18001.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-18001","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-18001"},"summary":{"title":"CVE-2017-18001","description":"Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-12-31 19:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["CWE-306"],"metrics":[],"references":[{"url":"https://www.trustwave.com/Resources/Trustwave-Software-Updates/Important-Security-Update-for-Trustwave-Secure-Web-Gateway/","name":"https://www.trustwave.com/Resources/Trustwave-Software-Updates/Important-Security-Update-for-Trustwave-Secure-Web-Gateway/","refsource":"MISC","tags":["Vendor Advisory"],"title":"SWG vulnerability version 11.8 and earlier | Trustwave","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"https://blogs.securiteam.com/index.php/archives/3550","name":"https://blogs.securiteam.com/index.php/archives/3550","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"SSD Advisory – Trustwave SWG Unauthorized Access - SSD Secure Disclosure","mime":"text/html","httpstatus":"401","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2017/Dec/88","name":"http://seclists.org/fulldisclosure/2017/Dec/88","refsource":"MISC","tags":["Exploit","Mailing List","Third Party Advisory"],"title":"Full Disclosure: SSD Advisory – Trustwave SWG Unauthorized Access","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/44047/","name":"44047","refsource":"EXPLOIT-DB","tags":[],"title":"Trustwave SWG 11.8.0.27 - SSH Unauthorized Access","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-18001","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18001","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"18001","vulnerable":"1","versionEndIncluding":"11.8.0.27","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trustwave","cpe5":"secure_web_gateway","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-18001","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://seclists.org/fulldisclosure/2017/Dec/88","refsource":"MISC","url":"http://seclists.org/fulldisclosure/2017/Dec/88"},{"name":"https://blogs.securiteam.com/index.php/archives/3550","refsource":"MISC","url":"https://blogs.securiteam.com/index.php/archives/3550"},{"name":"https://www.trustwave.com/Resources/Trustwave-Software-Updates/Important-Security-Update-for-Trustwave-Secure-Web-Gateway/","refsource":"MISC","url":"https://www.trustwave.com/Resources/Trustwave-Software-Updates/Important-Security-Update-for-Trustwave-Secure-Web-Gateway/"},{"name":"44047","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/44047/"}]}},"nvd":{"publishedDate":"2017-12-31 19:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["CWE-306"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":10},"severity":"HIGH","exploitabilityScore":10,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trustwave:secure_web_gateway:*:*:*:*:*:*:*:*","versionEndIncluding":"11.8.0.27","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"18001","Ordinal":"119675","Title":"CVE-2017-18001","CVE":"CVE-2017-18001","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"18001","Ordinal":"1","NoteData":"Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"18001","Ordinal":"2","NoteData":"2017-12-31","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"18001","Ordinal":"3","NoteData":"2018-02-16","Type":"Other","Title":"Modified"}]}}}