Security Alert (A23-12-15): Vulnerability in OpenSSH


 

Published on: 20 December 2023

  
  

Description:

OpenSSH has released a new version to address a vulnerability in various versions of OpenSSH. The details of the security update can be found at:
https://www.openssh.com/txt/release-9.6

 

Affected Systems:

  • OpenSSH versions prior to version 9.6

 

Impact:

Successful exploitation of the vulnerability could lead to security restriction bypass on an affected system.

 

Recommendation:

Software update for affected systems is now available. Users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://www.openssh.com/txt/release-9.6
  • https://www.hkcert.org/security-bulletin/openssh-security-restriction-bypass-vulnerability_20231219
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795


Tag: OpenSSH
Tags