SSH Communication Channel Exposure in SolarWinds N-Central
CVE-2020-25619
4.4MEDIUM
What is CVE-2020-25619?
A vulnerability was identified in SolarWinds N-Central 12.3.0.670, where the SSH component fails to impose restrictions on the Communication Channel to Intended Endpoints. This allows attackers to exploit SSH's port forwarding feature, utilizing a temporary key pair to gain access to network services that are meant to be restricted to local communication. Consequently, this could lead to unauthorized access to localhost resources, posing significant security concerns for affected systems.