Security Advisory

CVE-2018-20799

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-01 15:00:00

Last updated 2024-08-05 12:12:27

Assigner mitre

State PUBLISHED

Description

In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions.

← Browse all CVEs View on cve.org ↗