Summary

Security Advisory ID : BSA-2019-766

Component : OpenSSH

Revision : 1.0: Final

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users.

Affected Products
Brocade Fabric OS - Impacted : Fixed in v7.4.2, v7.4.1d, v8.1.0 and later releases.

Products Confirmed Not Vulnerable
Brocade Network Advisor, Brocade SANnav

Workaround
Limit access to management interface using firewall and/or ipfilter.

Revision History