An improper access control vulnerability in the admin SSH console of multiple products may allow an authenticated user to access internal only system services via using SSH local port forwarding. A successful attack needs an authenticated admin SSH user to set up a port bounce to product internal only services via SSH local port forwarding; potential consequences are information disclosure and/or privilege escalation.