Insecure SSH Connection Handling in WatchGuard Firebox Vclass and RSSA Appliance

Insecure SSH Connection Handling in WatchGuard Firebox Vclass and RSSA Appliance

CVE-2002-1520 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges.

Learn more about our Web Application Penetration Testing UK.