SSH communication between Netscaler Console nodes and/or Netscaler/Netscaler-SDX instance(s) fails

After upgrading Netscaler Console aka. ADM from earlier versions to either13.1-53.17 or 53.22 refresh build or 14.1-25.53, certain tasks like re-creating HA deployment, Netscaler backup , or other tasks involving SSH connection may fail and manifest in error popup or log entries in...

GHSA-6GR4-52W6-VMQX rke's credentials are stored in the RKE1 Cluster state ConfigMap

Impact When RKE provisions a cluster, it stores the cluster state in a configmap called full-cluster-state inside the kube-system namespace of the cluster itself. This cluster state object contains information used to set up the K8s cluster, which may include the following sensitive data: -...

PT-2024-4208 · Rancher · Rancher Kubernetes Engine +1

Name of the Vulnerable Software and Affected Versions: Rancher Kubernetes Engine RKE versions prior to 1.4.19 Rancher Kubernetes Engine RKE versions prior to 1.5.10 Rancher versions prior to 2.7.14 Rancher versions prior to 2.8.5 Description: The issue is related to the storage of cluster state i...

OPENSUSE-SU-2024:13932-1 ssh-audit-3.2.0-1.1 on GA media

These are all security issues fixed in the ssh-audit-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12511-1 apache-sshd-2.9.2-1.1 on GA media

These are all security issues fixed in the apache-sshd-2.9.2-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13530-1 ssh-audit-3.1.0-1.1 on GA media

These are all security issues fixed in the ssh-audit-3.1.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10464-1 pam_ssh-2.1-1.7 on GA media

These are all security issues fixed in the pamssh-2.1-1.7 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11407-1 ssh-audit-2.5.0-1.2 on GA media

These are all security issues fixed in the ssh-audit-2.5.0-1.2 package on the GA media of openSUSE Tumbleweed...

CVE-2024-21988

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

CVE-2024-21988

CVE-2024-21988 affects NetApp StorageGRID (formerly StorageGRID Webscale). Versions prior to 11.7.0.9 and 11.8.0.5 are vulnerable due to a flaw in the SSH cryptographic implementation that enables disclosure of sensitive information in complex Man‑in‑the‑Middle attacks. The root cause is tied to ...

CVE-2024-21988 CVE-2024-21988 SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale)

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

CVE-2024-21988 CVE-2024-21988 SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale)

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2024-5313

CVE-2024-5313 is associated with Schneider Electric EVlink Home Smart chargers. Public sources describe a CWE-668 “Exposure of the Resource Wrong Sphere” issue where an SSH interface is exposed on the product network interface. Affected versions include EVlink Home Smart v2.0.4.1.2_131 and v2.0.3...

Ubuntu: Security Advisory (USN-6820-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-5813

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...

CVE-2024-5813 SSH Private Key Leak in BeyondInsight PasswordSafe

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...