Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper SSH Key Handling in Internal Debug Builds May Grant Cluster-Level Access to Non-Administrative Users
Vulnerability Description
SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 and 2.6.3. No generally available (GA) or customer-released production builds were affected. There is no evidence that this issue was exposed in customer environments or production deployments.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
SoftIron HyperCloud 安全漏洞
Vulnerability Description
SoftIron HyperCloud是SoftIron公司的一款智能云架构。 SoftIron HyperCloud 2.5.0版本至2.6.3版本存在安全漏洞,该漏洞源于错误添加用户SSH密钥到管理员级别授权密钥,可能导致通过SSH进行未经授权的权限提升。
CVSS Information
N/A
Vulnerability Type
N/A