Viraniac

**Name of the Vulnerable Software and Affected Versions** gsi-openssh-server version 7.9p1 **Description** An issue allows logins to succeed with a valid username and an incorrect password when PermitPAMUserChange is set to yes in the /etc/gsissh/sshd config file, despite recording a failure entry in the /var/log/messages file. **Recommendations** For gsi-openssh-server version 7.9p1, consider setting PermitPAMUserChange to no in the /etc/gsissh/sshd config file as a temporary workaround to prevent logins with incorrect passwords.