CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
81.2%
WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied.
Vendor | Product | Version | CPE |
---|---|---|---|
f-secure | f-secure_ssh_server | 5.1 | cpe:2.3:a:f-secure:f-secure_ssh_server:5.1:*:*:*:*:*:*:* |
f-secure | f-secure_ssh_server | 5.2 | cpe:2.3:a:f-secure:f-secure_ssh_server:5.2:*:*:*:*:*:*:* |
f-secure | f-secure_ssh_server | 5.3 | cpe:2.3:a:f-secure:f-secure_ssh_server:5.3:*:*:*:*:*:*:* |
wrq | wrq_reflection_for_secure_it_windows_server | 6.0 | cpe:2.3:a:wrq:wrq_reflection_for_secure_it_windows_server:6.0:*:*:*:*:*:*:* |