SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window. (CVE-2015-5352)
A remote attacker may be able to bypass intended access restrictions.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K17461.