OpenSSH Client Vulnerability

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

America's Cyber Defense Agency

OpenSSH version 7.1p2 has been released to address vulnerabilities in versions 5.4 through 7.1p1. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system.

Users and administrators are encouraged to review the OpenSSH Release Notes and Vulnerability Note VU#456088 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

OpenSSH Client Vulnerability

Please share your thoughts

CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs

CISA and NSA Release New Guidance on Identity and Access Management

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

OpenSSH Client Vulnerability

Please share your thoughts

Related Advisories

CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs

CISA and NSA Release New Guidance on Identity and Access Management

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog