|Number of vulnerabilities||1|
Platform Automation Toolkit
Other software / Other software solutions
This security bulletin contains one medium risk vulnerability.
CWE-863 - Incorrect Authorization
Exploit availability: NoDescription
The vulnerability allows a remote attacker to bypass authorization process.
The vulnerability exists due to an error within the pam_access.so module in Linux-PAM package, which does not correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. A remote attacker can bypass authorization process and login to the system via SSH from IP addresses that were not allowed to connect from.
Install update from vendor's website.Vulnerable software versions
Platform Automation Toolkit: before 5.0.24
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?