Vulnerability details: VCID-6c6q-52re-zqdc
Vulnerability ID VCID-6c6q-52re-zqdc
Aliases CVE-2015-6563
Summary The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
Status Published
Exploitability 0.5
Weighted Severity 5.8
Risk 2.9
System Score Found at
cvssv3.1 6.4 http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
ssvc Track http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
cvssv3.1 6.4 http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
ssvc Track http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
cvssv3.1 6.4 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
cvssv3.1 6.4 http://rhn.redhat.com/errata/RHSA-2016-0741.html
ssvc Track http://rhn.redhat.com/errata/RHSA-2016-0741.html
epss 0.00102 https://api.first.org/data/v1/epss?cve=CVE-2015-6563
cvssv3.1 6.4 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
ssvc Track https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
cvssv3.1 6.4 http://seclists.org/fulldisclosure/2015/Aug/54
ssvc Track http://seclists.org/fulldisclosure/2015/Aug/54
cvssv3.1 6.4 https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
ssvc Track https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
cvssv3.1 6.4 https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
ssvc Track https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
cvssv3.1 6.4 https://security.gentoo.org/glsa/201512-04
ssvc Track https://security.gentoo.org/glsa/201512-04
cvssv3.1 6.4 https://security.netapp.com/advisory/ntap-20180201-0002/
ssvc Track https://security.netapp.com/advisory/ntap-20180201-0002/
cvssv3.1 6.4 https://support.apple.com/HT205375
ssvc Track https://support.apple.com/HT205375
cvssv3.1 6.4 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
ssvc Track https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
cvssv3.1 6.4 http://www.openssh.com/txt/release-7.0
ssvc Track http://www.openssh.com/txt/release-7.0
cvssv3.1 6.4 http://www.openwall.com/lists/oss-security/2015/08/22/1
ssvc Track http://www.openwall.com/lists/oss-security/2015/08/22/1
cvssv3.1 6.4 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
ssvc Track http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
cvssv3.1 6.4 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
ssvc Track http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
cvssv3.1 6.4 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
ssvc Track http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
cvssv3.1 6.4 http://www.securityfocus.com/bid/76317
ssvc Track http://www.securityfocus.com/bid/76317
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json
https://api.first.org/data/v1/epss?cve=CVE-2015-6563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563
1 http://www.openwall.com/lists/oss-security/2015/08/22/1
1252844 https://bugzilla.redhat.com/show_bug.cgi?id=1252844
165170.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
201512-04 https://security.gentoo.org/glsa/201512-04
54 http://seclists.org/fulldisclosure/2015/Aug/54
76317 http://www.securityfocus.com/bid/76317
795711 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711
brocade-security-advisory-2019-766 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
bulletinjan2016-2867206.html http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
d4697fe9a28dab7255c60433e4dd23cf7fce8a8b https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
HT205375 https://support.apple.com/HT205375
linuxbulletinapr2016-2952096.html http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
linuxbulletinoct2015-2719645.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
msg00005.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
msg00010.html https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
msg00017.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
ntap-20180201-0002 https://security.netapp.com/advisory/ntap-20180201-0002/
release-7.0 http://www.openssh.com/txt/release-7.0
RHSA-2015:2088 https://access.redhat.com/errata/RHSA-2015:2088
RHSA-2016:0741 https://access.redhat.com/errata/RHSA-2016:0741
RHSA-2016-0741.html http://rhn.redhat.com/errata/RHSA-2016-0741.html
ssa-412672.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2016-0741.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://rhn.redhat.com/errata/RHSA-2016-0741.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2015/Aug/54
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://seclists.org/fulldisclosure/2015/Aug/54
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201512-04
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://security.gentoo.org/glsa/201512-04
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20180201-0002/
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://security.netapp.com/advisory/ntap-20180201-0002/
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://support.apple.com/HT205375
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://support.apple.com/HT205375
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://www.openssh.com/txt/release-7.0
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://www.openssh.com/txt/release-7.0
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2015/08/22/1
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://www.openwall.com/lists/oss-security/2015/08/22/1
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/76317
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/ Found at http://www.securityfocus.com/bid/76317
Exploit Prediction Scoring System (EPSS)
Percentile 0.27608
EPSS Score 0.00102
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T17:33:26.956112+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2015/6xxx/CVE-2015-6563.json 38.6.0