BSA-2019-766
21524
21 March 2019
21 March 2019
Closed
Medium
4.0
Yes
CVE-2015-6563
Summary
Security Advisory ID : BSA-2019-766
Component : OpenSSH
Revision : 1.0: Final
A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users.
Affected Products
Brocade Fabric OS - Impacted : Fixed in v7.4.2, v7.4.1d, v8.1.0 and later releases.
Products Confirmed Not Vulnerable
Brocade Network Advisor, Brocade SANnav
Workaround
Limit access to management interface using firewall and/or ipfilter.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | March 21, 2019 |