sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
5 Medium
AI Score
Confidence
0.003 Low
EPSS
Percentile
69.3%