CVE-2024-2873 Information

Mar 26, 2024 cve

Description

A vulnerability was found in wolfSSH’s server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication resulting in unauthorized access.

Reference

https://github.com/wolfSSL/wolfssh/pull/670 https://github.com/wolfSSL/wolfssh/pull/671 https://www.wolfssl.com/docs/security-vulnerabilities/

Share on: