Описание
WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied.
Ссылки
- Patch
- Third Party AdvisoryUS Government Resource
- Patch
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:f-secure:f-secure_ssh_server:5.1:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_ssh_server:5.2:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_ssh_server:5.3:*:*:*:*:*:*:*
cpe:2.3:a:wrq:wrq_reflection_for_secure_it_windows_server:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01848
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied.
EPSS
Процентиль: 83%
0.01848
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other