Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5616

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user.

Published

2025-04-15T19:16:06.647

Last Modified

2025-08-26T16:34:27.843

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.9 (MEDIUM)

Weaknesses

Type: Secondary
CWE-290

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	gnome	control_center	< 1.3.36.5-0ubuntu4.1	Yes
Application	gnome	control_center	< 1.41.7-0ubuntu0.22.04.8	Yes
Application	gnome	control_center	< 1.44.0-1ubuntu6.1	Yes
Application	gnome	control_center	< 1.45.0-1ubuntu3.1	Yes
Operating System	canonical	ubuntu_linux	20.04	Yes
Operating System	canonical	ubuntu_linux	22.04	Yes
Operating System	canonical	ubuntu_linux	23.04	Yes
Operating System	canonical	ubuntu_linux	23.10	Yes

References

https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/2039577 Exploit, Issue Tracking ([email protected])
https://ubuntu.com/security/CVE-2023-5616 Vendor Advisory ([email protected])
https://ubuntu.com/security/notices/USN-6554-1 Vendor Advisory ([email protected])