PT-2019-5504 · Red Hat · Openshift Container Platform

Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform versions 3.6.x through 4.6.0 Description: The issue is related to deficiencies in the authentication procedure of the Red Hat OpenShift Container Platform. It was found that the platform does not perform SSH Host...

HPE Intelligent Management Center (IMC) sshConfig Expression Language Injection Remote Code Execution Vulnerability

HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. An sshConfig expression language injection remote code execution vulnerability exists in HPE Intelligent...

CVE-2019-1842

A vulnerability in the Secure Shell SSH authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of...

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...

PT-2022-7134 · X.Org +9 · X.Org +9

Name of the Vulnerable Software and Affected Versions: X.Org affected versions not specified Description: A security flaw was found in X.Org due to the XkbCopyNames function leaving a dangling pointer to freed memory. This results in out-of-bounds memory access on subsequent XkbGetKbdByName...

The vulnerability of the SSH network protocol implementation in Cisco Wireless LAN Controllers allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Secure Shell SSH network protocol implementation in Cisco Wireless LAN Controller WLC software relates to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the network operating system NX-OS for Cisco Nexus 9000 series routers, related to errors in SSH credentials, allows a hacker to elevate their privileges to the root level.

The vulnerability of the network operating system NX-OS for Cisco Nexus 9000 series routers is related to errors in SSH key management. Exploiting this vulnerability allows a malicious actor to elevate their privileges to root status by establishing an SSH connection via IPv6...

The vulnerability of the Secure Shell (SSH) protocol implementation in Cisco Small Business network devices allows a hacker to gain access to the configuration settings under the authority of the administrator.

The vulnerability of the Secure Shell SSH protocol implementation in Cisco’s Small Business series of networking devices is related to authentication errors. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to the configuration under the authority of an...

[SECURITY] Fedora 30 Update: openssh-8.0p1-1.fc30

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVE-2019-1859

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...

CVE-2019-1859 Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...

Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...

Cisco Wireless LAN Controller Secure Shell Unauthorized Access Vulnerability

According to its self-reported version, Cisco Wireless LAN Controller WLC is affected by following vulnerability - A vulnerability in certain access control mechanisms for the Secure Shell SSH server implementation for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated,...

CVE-2019-1805

A vulnerability in certain access control mechanisms for the Secure Shell SSH server implementation for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input-...

Design/Logic Flaw

A vulnerability in certain access control mechanisms for the Secure Shell SSH server implementation for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input-...

CVE-2019-1805 Cisco Wireless LAN Controller Secure Shell Unauthorized Access Vulnerability

A vulnerability in certain access control mechanisms for the Secure Shell SSH server implementation for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input-...

Cisco Wireless LAN Controller Secure Shell Unauthorized Access Vulnerability

A vulnerability in certain access control mechanisms for the Secure Shell SSH server implementation for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input-...

CVE-2019-5425

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to root...

CVE-2019-5426

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwarding" SOCKS proxy functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if SS...

Suricata out-of-bounds read vulnerability (CNVD-2019-34756)

Suricata is a high-performance network intrusion detection IDS, intrusion prevention IPS and network security monitoring multi-threaded engine An out-of-bounds read vulnerability exists in Suricata 4.0.4. The vulnerability stems from the lack of length checking in SSHParseBanner in app-layer-ssh....