The submitted value sssieddtype[2]xsx in the Dokumentenart element is not allowed.
OpenSSH Server 9.1 Double Free Vulnerability (CVE-2023-25136)
Advisory ID
WGSA-2023-00001
CVE
CVE-2023-25136
Impact
Medium
Status
Not Applicable
Product Family
Firebox,Dimension
Published Date
Updated Date
Workaround Available
False
CVSS Score
6.5
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
On February 3, 2023, researchers at Qualys disclosed CVE-2023-25136, a double free vulnerability in OpenSSH Server v9.1. The exploit is non-trivial but a successful exploit could allow an unauthenticated attacker to execute arbitrary code on an unprotected system.
Affected
Product
Affected Version(s)
Note
Firebox
Not Impacted
The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable
Dimension
Not Impacted
Dimension uses a patched version of OpenSSH that is not affected by this vulnerability
Resolution
Product
Affected Version(s)
Note
Firebox
Not Impacted
The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable
Dimension
Not Impacted
Dimension uses a patched version of OpenSSH that is not affected by this vulnerability