CVE-2021-40334

Missing Handler vulnerability in the proprietary management protocol port TCP 5558 of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x...

The vulnerability in SSH authentication within the Cisco Policy Suite, related to the strict encoding of cryptographic keys, allows attackers to elevate their privileges in the system to the root level.

The SSH authentication vulnerability in the Cisco Policy Suite is related to the strict encoding of cryptographic keys. Exploiting this vulnerability allows a malicious actor to elevate their privileges in the system to the root level...

The vulnerability of the SSH microprogramming software for Cisco Firepower Threat Defense (FTD) allows a perpetrator to trigger a service failure.

The vulnerability of the Secure Shell SSH microprogramming software of Cisco Firepower Threat Defense FTD is related to the escape of operations beyond the buffer in memory during the processing of SSH connections. Exploiting this vulnerability could allow a malicious actor to cause service...

CVE-2021-43284

An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...

Victure WR1200信任管理问题漏洞

Victure WR1200 is a router. Victure WR1200 1.0.3 and prior versions are vulnerable to trust management issues, which can be exploited by attackers to gain control of the device via SSH...

The vulnerability of the SSH protocol implementation in the Dell Isilon InsightIQ performance monitoring and reporting analytics platform allows a hacker to bypass security restrictions and gain full control over the application.

The vulnerability of the SSH protocol implementation of the analysis platform for monitoring performance and generating reports in Dell Isilon InsightIQ is related to the use of cryptographic algorithms that contain vulnerabilities and risks. Exploiting this vulnerability could allow a malicious...

Common Cloud Misconfigurations Exploited in Minutes, Report

Poorly configured cloud services can be exploit by threat actors in minutes and sometimes in under 30 seconds. Attacks include network intrusion, data theft and ransomware infections, researchers have found. Researchers at Palo Alto Networks’ Unit 42 used a honeypot infrastructure of 320 nodes...

mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0...

CVE-2021-40520

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...

Airangel Hsmx Gateway 安全漏洞

Airangel Hsmx Gateway is a platform from Airangel UK. Used to manage authentication and billing in the network, a credential disclosure vulnerability exists in versions prior to Airangel Hsmx Gateway 5.2.04, which stems from the presence of weak SSH credentials in Airangel HSMX Gateway devices. A...

Cradlepoint IBR900-600 安全漏洞

The Cradlepoint IBR900-600 is a router from Cradlepoint USA. A security vulnerability exists in the Cradlepoint IBR900-600 that stems from a restricted shell escape sequence that may exist on Cradlepoint IBR900-600 7.2.60 devices. An attacker could exploit the vulnerability to deny the availabili...

PT-2021-4948

Name of the Vulnerable Software and Affected Versions Cisco Policy Suite affected versions not specified Description A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user...

CVE-2021-34781

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...

Cisco Firepower Threat Defense 缓冲区错误漏洞

Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. A buffer error vulnerability exists in Cisco Firepower Threat Defense Software that stems from a lack of proper error handling when an SSH session cannot be established. A...

The vulnerability of the Brocade Fabric OS operating system, related to deficiencies in authentication procedures, allows attackers to gain access to the system.

The vulnerability of the Brocade Fabric OS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to gain access to the system via telnet, SSH, or REST...

CVE-2021-31352

An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit thi...

[SECURITY] Fedora 33 Update: openssh-8.4p1-8.fc33

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Juniper Networks SRX Series 加密问题漏洞

The Juniper Networks SRX Series is a set of SRX Series service gateway appliances from Juniper Networks, Inc. The Juniper Networks SRC Series suffers from a cryptographic issue vulnerability that stems from NETCONF over SSH allowing weak password negotiation. An attacker could exploit this...

[SECURITY] Fedora 35 Update: openssh-8.7p1-2.fc35

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Fedora: Security Advisory for openssh (FEDORA-2021-1f7339271d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...