greenbone · timopollmeier · Jun 28, 2021 · Jun 24, 2021 · Jun 24, 2021 · Jun 24, 2021
diff --git a/src/manage_sql.c b/src/manage_sql.c
@@ -30658,7 +30658,7 @@ create_target (const char* name, const char* asset_hosts_filter,
   if (ssh_elevate_credential && (!ssh_credential))
     return 14;
 
-  if (ssh_elevate_credential == ssh_credential)
+  if (ssh_credential && (ssh_elevate_credential == ssh_credential))
     return 15;
 
   sql_begin_immediate ();
@@ -31108,7 +31108,9 @@ delete_target (const char *target_id, int ultimate)
  *         18 invalid SSH credential type, 19 invalid SMB credential type,
  *         20 invalid ESXi credential type, 21 invalid SNMP credential type,
  *         22 failed to find SSH elevate cred, 23 invalid SSH elevate
- *         credential type, 99 permission denied, -1 error.
+ *         credential type, 24 SSH elevate credential without SSH credential,
+ *         25 SSH elevate credential equals SSH credential,
+ *         99 permission denied, -1 error.
  */
 int
 modify_target (const char *target_id, const char *name, const char *hosts,
@@ -31122,6 +31124,8 @@ modify_target (const char *target_id, const char *name, const char *hosts,
                const char *allow_simultaneous_ips)
 {
   target_t target;
+  credential_t ssh_credential = 0;
+  credential_t ssh_elevate_credential = 0;
 
   assert (target_id);
 
@@ -31141,18 +31145,6 @@ modify_target (const char *target_id, const char *name, const char *hosts,
       return 13;
     }
 
-  if (ssh_elevate_credential_id && (!ssh_credential_id))
-    {
-      sql_rollback ();
-      return 24;
-    }
-
-  if (ssh_elevate_credential_id == ssh_credential_id)
-    {
-      sql_rollback ();
-      return 25;
-    }
-
   target = 0;
   if (find_target_with_permission (target_id, &target, "modify_target"))
     {
@@ -31273,8 +31265,6 @@ modify_target (const char *target_id, const char *name, const char *hosts,
 
   if (ssh_credential_id)
     {
-      credential_t ssh_credential;
-
       if (target_in_use (target))
         {
           sql_rollback ();
@@ -31329,8 +31319,6 @@ modify_target (const char *target_id, const char *name, const char *hosts,
 
   if (ssh_elevate_credential_id)
     {
-      credential_t ssh_elevate_credential;
-
       if (target_in_use (target))
         {
           sql_rollback ();
@@ -31495,6 +31483,25 @@ modify_target (const char *target_id, const char *name, const char *hosts,
         set_target_login_data (target, "snmp", 0, 0);
     }
 
+  if (ssh_credential_id || ssh_elevate_credential_id)
+    {
+      if (!ssh_credential_id)
+        ssh_credential = target_ssh_credential (target);
+      if (!ssh_elevate_credential_id)
+        ssh_elevate_credential = target_ssh_elevate_credential (target);
+
+      if (ssh_elevate_credential && !ssh_credential)
+        {
+          sql_rollback ();
+          return 24;
+        }
+      if (ssh_credential && (ssh_credential == ssh_elevate_credential))
+        {
+          sql_rollback ();
+          return 25;
+        }
+    }
+
   if (exclude_hosts)
     {
       gchar *quoted_exclude_hosts, *quoted_hosts, *clean, *clean_exclude;