In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 26 Aug 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical ubuntu Linux
Gnome
Gnome control Center
CPEs cpe:2.3:a:gnome:control_center:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*
Vendors & Products Canonical
Canonical ubuntu Linux
Gnome
Gnome control Center

Tue, 29 Apr 2025 02:30:00 +0000

Type Values Removed Values Added
Title gnome-control-center: Remote login misconfiguration in GNOME Control Center
References
Metrics threat_severity

None

threat_severity

Moderate


Tue, 15 Apr 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-290
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 15 Apr 2025 18:45:00 +0000

Type Values Removed Values Added
Description In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2025-04-15T20:51:31.399Z

Reserved: 2023-10-17T15:39:21.769Z

Link: CVE-2023-5616

cve-icon Vulnrichment

Updated: 2025-04-15T20:38:02.459Z

cve-icon NVD

Status : Analyzed

Published: 2025-04-15T19:16:06.647

Modified: 2025-08-26T16:34:27.843

Link: CVE-2023-5616

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-04-15T18:29:54Z

Links: CVE-2023-5616 - Bugzilla

cve-icon OpenCVE Enrichment

No data.