AI description
CVE-2025-26465 is a vulnerability in the OpenSSH client that can allow a man-in-the-middle (MitM) attack when the `VerifyHostKeyDNS` option is enabled. This option allows the client to verify the server's identity against DNS records. Due to a logic error in how the server's identity is verified when memory allocation errors occur, an attacker can potentially bypass these checks and impersonate the intended server. This could lead to the theft of sensitive information, such as credentials. While the `VerifyHostKeyDNS` option is currently disabled by default, it was previously enabled by default in certain environments like FreeBSD between September 2013 and March 2023. Administrators are encouraged to review their configurations to ensure this option is not enabled unless specifically required. The vulnerability has existed since late 2014 and highlights the importance of regularly reviewing and updating security configurations.
- Description
- A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.8
- Impact score
- 5.2
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
- Severity
- MEDIUM
- secalert@redhat.com
- CWE-390
- Hype score
- Not currently trending
Millions of servers are potentially at risk from these two OpenSHH vulnerabilities. Barracuda recommends a number of actions to mitigate the effects of CVE-2025-26465 and CVE-2025-26466: https://t.co/eBtEHRNyWL #cybersecurity https://t.co/xtqmbsNhh7
@barracuda
19 Mar 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📣 Help us test patches for CVE-2025-26465! AlmaLinux 8 and 9 are impacted by CVE-2025-26465. We've pulled upstream patches and need user testing. Share feedback to help us ensure security! 🔒 https://t.co/GFfxlC0iiJ https://t.co/aaf8c0pqvn
@AlmaLinux
12 Mar 2025
521 Impressions
4 Retweets
10 Likes
1 Bookmark
0 Replies
0 Quotes
#VulnAlert 🚨 CVE-2025-26465, -26466: MitM y DoS en OpenSSH (6.8/10). Afectan a versiones de 2013 (-26465) y 2023 (-26466). 📝 Más info: https://t.co/ccAy7HsSyQ
@Cyph3R_CyberSec
12 Mar 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Are your OpenSSH setups safe? Two critical vulnerabilities, CVE-2025-26465 & CVE-2025-26466, can lead to data breaches & downtime. Learn how these flaws impact you & secure your systems before it's too late. Read the advisory! https://t.co/VMseugymZF
@sequretek_sqtk
7 Mar 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-26465 - Vulnerabilidad de Ataque Man-in-the-Middle (MitM) en OpenSSH 🚨 🛡️ Resumen: Se ha identificado una vulnerabilidad crítica en el cliente de OpenSSH que permite ataques Man-in-the-Middle (MitM) cuando la opción VerifyHostKeyDNS está habilitada. https://t.co/N
@BanCERT_gt
4 Mar 2025
26 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Qualys announced two critical OpenSSH vulnerabilities: CVE-2025-26465 & CVE-2025-26466. AlmaLinux 8 and 9 are impacted by CVE-2025-26465. We’ve pulled in upstream patches and need your help testing! 👇 https://t.co/GFfxlC0iiJ
@AlmaLinux
1 Mar 2025
1932 Impressions
12 Retweets
45 Likes
6 Bookmarks
1 Reply
0 Quotes
🚨 New OpenSSH Vulnerabilities Expose Critical Security Risks: #CVE-2025-26465 and #CVE-2025-26466 https://t.co/Cmu44a8Q4C
@UndercodeNews
28 Feb 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
۲ آسیب پذیری برای openssh منتشر شده است. آسیب پذیری اول دارای کد شناسایی CVE-2025-26465 از نوع MITM بوده و مربوط به OpenSSH 6.8p1 می باشد ، آسیب پذیری دوم دارای کد شناسایی CVE-2025-26466 و از نوع DOS و مربوط به OpenSSH 9.5p1 می باشد. https://t.co/Poz3aKY03t https://t.co/q2ysgcxZ
@AmirHossein_sec
26 Feb 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 OpenSSH CVE-2025-26465 - What You Need to Know! 🚨 A newly discovered OpenSSH vulnerability could expose users to Man-in-the-Middle (MitM) attacks, making it a serious security risk. If you rely on SSH for secure connections, you need to act now! 🔐
@CyferNest
26 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#OpenSSH #vulnerabilities (CVE-2025-26465 & CVE-2025-26466) could leave your servers exposed! Secure your systems now by reviewing this #CybersecurityThreatAdvisory🔒 https://t.co/jZ91tPyIly
@SmarterMSP
25 Feb 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
“OpenSSH”də boşluqlar (CVE-2025-26465, CVE-2025-26466) aşkar olunub #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/nlaQSjDZR6
@CERTAzerbaijan
25 Feb 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#FreeBSD SA-25:05.openssh OpenSSHのCVE-2025-26465(VerifyHostKeysDNS)とCVE-2025-26466(SSH2_MSG_PING)のバグを上流に倣ってfix 前者は無効にすれば回避できるが後者はLoginGraceTimeとMaxStartupsの設定で緩和だけ。早めに当てよう。 https://t.co/uqHBmBtkVb
@motok2501
25 Feb 2025
90 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: OpenSSH MITM and DoS Vulnerabilities 📅 Timeline: Disclosure: 2025-02-18, Patch: 2025-02-18 📌 Attribution: Qualys Threat Research Unit 🆔cveId: CVE-2025-26465, CVE-2025-26466 📊baseScore: 6.8, 5.9 📏cvssMetrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,… ht
@syedaquib77
24 Feb 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical OpenSSH Vulnerabilities – Immediate Patch Required 🚨 Two severe vulnerabilities in OpenSSH have been identified, affecting both clients and servers: 🔹 CVE-2025-26465 – A Machine-in-the-Middle (MITM) attack vulnerability in the OpenSSH client. 1/8
@StringsVsAtoms
24 Feb 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
۲ آسیب پذیری برای openssh منتشر شده است. آسیب پذیری اول دارای کد شناسایی CVE-2025-26465 از نوع MITM بوده و مربوط به OpenSSH 6.8p1 می باشد ، آسیب پذیری دوم دارای کد شناسایی CVE-2025-26466 و از نوع DOS و مربوط به OpenSSH 9.5p1 می باشد.
@cybernetic_cy
22 Feb 2025
102 Impressions
2 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26465 CVE-2025-26465 https://t.co/BSND1VQ9iE
@ZhupuW28641
21 Feb 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-26465
@transilienceai
21 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
۲ آسیب پذیری برای openssh منتشر شده است. آسیب پذیری اول دارای کد شناسایی CVE-2025-26465 از نوع MITM بوده و مربوط به OpenSSH 6.8p1 می باشد ، آسیب پذیری دوم دارای کد شناسایی CVE-2025-26466 و از نوع DOS و مربوط به OpenSSH 9.5p1 می باشد. https://t.co/Poz3aKY03t https://t.co/ru3xAlU2
@AmirHossein_sec
21 Feb 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Advisory : A newly identified vulnerability, CVE-2025-26465, affects OpenSSH client versions 6.8p1 through 9.9p1
@XyztecCo
21 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenSSHのバグにより中間者攻撃やDoS攻撃が可能に OpenSSH bugs allows Man-in-the-Middle and DoS Attacks #SecurityAffairs (Feb 19) #OpenSSH #CVE-2025-26465 #CVE-2025-26466 #中間者攻撃 #DoS攻撃 https://t.co/ABWRJnfXTK
@foxbook
21 Feb 2025
1036 Impressions
4 Retweets
23 Likes
9 Bookmarks
0 Replies
0 Quotes
𝗢𝗽𝗲𝗻𝗦𝗦𝗛 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗙𝗹𝗮𝘄𝘀 𝗘𝘅𝗽𝗼𝘀𝗲 𝗠𝗶𝗹𝗹𝗶𝗼𝗻𝘀 𝘁𝗼 𝗖𝘆𝗯𝗲𝗿 𝗔𝘁𝘁𝗮𝗰𝗸𝘀: 𝗨𝗽𝗱𝗮𝘁𝗲 𝗡𝗼𝘄 Two major OpenSSH flaws—CVE-2025-26465 & CVE-2025-26466—expose systems to attacks! Update OpenSSH to 9.9p2 now! OpenSSH users, beware! Researchers ha
@analyticsinme
20 Feb 2025
66 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26465 and CVE-2025-26466 allow attackers to execute #MitM and #DoS attacks. These flaws impact OpenSSH clients and servers, making it possible for adversaries to intercept SSH connections or cause service disruptions. https://t.co/F9Z8CnpGyr https://t.co/lnTXDVDkXB
@provintell
20 Feb 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New OpenSSH vulnerabilities found! 🔸 CVE-2025-26465: MitM attacks if VerifyHostKeyDNS is enabled 🔸 CVE-2025-26466: DoS attacks disrupting servers Public exploit code is out — update to OpenSSH 9.9p2! 💻 #Deepweb #Darkweb Breaking news from the world… https://t.co/ZF7G3lwjoe
@godeepweb
20 Feb 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#OpenSSH 推出 9.9p2 版修复安全漏洞,其中 CVE-2025-26465 漏洞可在无需用户交互的情况下发起中间人劫持。 这个漏洞主要影响的是 FreeBSD、SUSE、Alpine Linux等,建议使用 OpenSSH 的话都更新到最新版。 查看全文:https://t.co/cGHIwPdECN
@landiantech
20 Feb 2025
254 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New OpenSSH Flaws Expose Servers to MiTM & DoS Attacks! OpenSSH 9.9p2 patches: 🔹 CVE-2025-26465 – A MitM flaw exploiting 'VerifyHostKeyDNS' to hijack SSH sessions. 🔹 CVE-2025-26466 – A DoS flaw flooding systems with small ping messages. 📢 Update now! Disable… https://t.
@dCypherIO
20 Feb 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-26465
@transilienceai
20 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Two new OpenSSH vulnerabilities (CVE-2025-26465 & CVE-2025-26466) pose risks of MitM and DoS attacks. Patches are available in version 9.9p2. Update is crucial for security! 🔒 #OpenSSH #EnterpriseSecurity #USA link: https://t.co/IVrT2JwjpS https://t.co/Gwhxib6Jvl
@TweetThreatNews
19 Feb 2025
18 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Looks like OpenSSH has a couple of unexpected guests crashing the party! New vulnerabilities (CVE-2025-26465 & CVE-2025-26466) are here, enabling some sneaky Man-in-the-Middle and pesky DoS attacks. Read more: https://t.co/I3sxFYnn4l https://t.co/7REWshkf76
@Stealthiss_
19 Feb 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🦹🏻♀️🪽 Villain of the Week 🪽🦹🏻♀️ CVE-2025-26465 is a vulnerability that has been identified in the OpenSSH client (versions 6.8p1 through 9.9p1) when the VerifyHostKeyDNS option is enabled (whether it is set to 'yes' or 'ask'.). This flaw allows attackers to bypass server
@vicariusltd
19 Feb 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: OpenSSH Vulnerabilities Allowing MitM and DoS Attacks 📅 Timeline: Disclosure: 2025-02-18, Patch: 2025-02-18 📌 Attribution: Qualys TRU 🆔cveId: CVE-2025-26465, CVE-2025-26466 🛠️exploitMaturity: Not Available 📂affectedVersions: 6.8p1 - 9.9p1… https://
@syedaquib77
19 Feb 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: OpenSSH Vulnerabilities Allowing MitM and DoS Attacks 📅 Timeline: Disclosure: 2025-02-18, Patch: 2025-02-18 📌 Attribution: Qualys TRU 🆔cveId: CVE-2025-26465, CVE-2025-26466 cvssSeverity: [Critical 🔴, High 🟠, Medium 🟡, Low 🟢] 🛠️exploitMaturity:…
@syedaquib77
19 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Załataliście już swoje OpenSSH? Wyszły dwie podatności w OpenSSH: CVE-2025-26465 i CVE-2025-26466 - warto rzucić okiem, czy Wasza Ulubiona Dystrybucja to załatała, a w szczególności czy Wasz dostawca systemów wbudowanych przypadkiem nie używa dalej OpenSSH w dziurawej wersji.
@komputerow
19 Feb 2025
881 Impressions
1 Retweet
13 Likes
0 Bookmarks
5 Replies
1 Quote
🚨 New OpenSSH Vulnerabilities Discovered! 🚨 CVE-2025-26465 enables man-in-the-middle attacks, while CVE-2025-26466 allows denial-of-service exploits. Check if you're vulnerable & secure your system NOW! 🔒 🔗 Read more: https://t.co/wKncCb8IxM #CyberSecurity #OpenSSH #CV
@BaseFortify
19 Feb 2025
52 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Wykryto nowe luki w OpenSSH (CVE-2025-26465, CVE-2025-26466), które mogą prowadzić do ataków MITM i DoS. Administratorzy powinni jak najszybciej zaktualizować systemy i sprawdzić konfigurację. #cybersecurity #OpenSSH https://t.co/1KIpArYzkN https://t.co/1KIpArYzkN
@arkady86
19 Feb 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenSSH CVE fixes are now available in the new Flatcar Alpha, Beta, Stable, LTS-2024 releases! 🔒 CVE fixes & security patches: OpenSSH (CVE-2025-26465, CVE-2025-26466) 📜 Release notes at the usual spot: https://t.co/rZjTiO6fY2 https://t.co/XjoPhLRVx4
@flatcar
19 Feb 2025
146 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Duas falhas críticas no OpenSSH foram descobertas: CVE-2025-26465 permite ataques de man-in-the-middle e CVE-2025-26466 pode causar negação de serviço. Atualize para a versão 9.9p2 e revise suas configurações! Seu sistema pode estar em risco!
@IncursioHack
19 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenSSHにMiTM攻撃とDoS攻撃の脆弱性:CVE-2025-26465 - Codebook https://t.co/Y551ELVHAK #izumino_trend
@sec_trend
19 Feb 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26465, -26466: Two vulnerabilities in OpenSSH, 6.8 rating❗️ MitM and DoS in OpenSSH. The severity level is medium, but the vulns cover many versions. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/jrDDvYolhG #cybersecurity #vulnerability_map https://t.co/sW1
@Netlas_io
19 Feb 2025
755 Impressions
2 Retweets
11 Likes
1 Bookmark
0 Replies
1 Quote
🚨Nuevas vulnerabilidades de OpenSSH exponen servidores SSH a ataques MiTM y DoS ➡️ Machine-in-the-middle (MitM) y a Denial of Service ⚠️ CVE-2025-26465 ⚠️ CVE-2025-26466 https://t.co/iUgpYhfKHB… https://t.co/UhRNxBAFwt
@doncaptador
19 Feb 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenSSHの重大な脆弱性がDoS 攻撃や中間者攻撃に悪用される可能性(CVE-2025-26465,CVE-2025-26466) #セキュリティ #セキュリティ対策Lab https://t.co/BntcAwPjHK
@securityLab_jp
19 Feb 2025
23 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
OpenSSH has two new vulnerabilities (CVE-2025-26465, MITM; CVE-2025-26466, DoS). CVE-2025-26465 affects versions 6.8p1-9.9p1, CVE-2025-26466 affects 9.5p1-9.9p1. Upgrade to 9.9p2 immediately to patch. https://t.co/dCqCLYudoD
@Jfreeg_
19 Feb 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: OpenSSH Man-in-the-Middle and DoS Attacks 📅 Timeline: Disclosure: 2025-02-18, Patch: 2025-02-18 🆔cveId: CVE-2025-26465, CVE-2025-26466 cvssSeverity: Critical 🔴 🛠️exploitMaturity: Active exploitation reported 📂affectedVersions: 6.8p1 to 9.9p1… http
@syedaquib77
19 Feb 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Alert🚨 CVE-2025-26465 & CVE-2025-26466: OpenSSH Client & Server Vulnerabilities Enables MiTM & DoS Attacks 🧐Deep Dive from @qualys:https://t.co/ITteNz2l4g 📊 67.1M+Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/P2bN5nlz5b 👇Q
@HunterMapping
19 Feb 2025
1238 Impressions
6 Retweets
14 Likes
4 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-26465 & CVE-2025-26466: OpenSSH Client & Server Vulnerabilities Enables MiTM & DoS Attacks 🧐Deep Dive from@qualys:https://t.co/ITteNz2STO 📊 67.1M+Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/P2bN5nm6UJ 👇Qu
@HunterMapping
19 Feb 2025
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two OpenSSH vulnerabilities allow MitM and DoS attacks. CVE-2025-26465 lets attackers impersonate servers when VerifyHostKeyDNS is enabled, and CVE-2025-26466 causes a pre-auth DoS. Both are fixed in OpenSSH 9.9p2—patch immediately.#OpenSSH #CVE https://t.co/LIcVW30NA4
@ZaihuaNewsEN
19 Feb 2025
31 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-26465
@transilienceai
19 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-26465 | OpenSSH VerifyHostKeyDNS cryptographic issues (Nessus ID 216407)) has been published on https://t.co/0be0tj11SQ
@WolfgangSesin
18 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenSSHの新たな脆弱性(CVE-2025-26465、CVE-2025-26466)が発見され、MitM攻撃とDoS攻撃が可能に。影響を受けるバージョンは2014年以降のものが含まれ、最新版9.9p2で修正済み。PoCコードも公開され、早急なアップデートが推奨される。 https://t.co/58WRL2IpNO
@01ra66it
18 Feb 2025
1394 Impressions
9 Retweets
24 Likes
9 Bookmarks
0 Replies
1 Quote
OpenSSHに2つの脆弱性(CVE-2025-26465、CVE-2025-26466)が発見され、MitM攻撃やDoS攻撃が可能に。特に、VerifyHostKeyDNSを有効にするとサーバーのなりすましが可能になる。OpenSSH 9.9p2で修正済み。 https://t.co/V3yvbHAU5k
@01ra66it
18 Feb 2025
562 Impressions
3 Retweets
11 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨Nuevas vulnerabilidades de OpenSSH exponen servidores SSH a ataques MiTM y DoS ➡️ Machine-in-the-middle (MitM) y a Denial of Service ⚠️ CVE-2025-26465 ⚠️ CVE-2025-26466 https://t.co/b1Pfxjbch9 https://t.co/7fe19Egy3i
@elhackernet
18 Feb 2025
6574 Impressions
75 Retweets
134 Likes
38 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD9E4318-20E3-420F-8EF5-7C05C3386586",
"versionEndIncluding": "9.8",
"versionStartIncluding": "6.9"
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50836FA3-8116-4D58-B73E-B4830FB3A551"
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:9.9:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2B53BBB-6916-478C-A896-77C7F7E7D5DE"
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:9.9:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7A2B794-BA83-4A01-BD2E-541F18CB9E37"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"criteria": "cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A20333EE-4C13-426E-8B54-D78679D5DDB8"
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
],
"operator": "OR"
}
]
}
]