1. Knowledge Base
  2. Security Advisories

PZOS-2013-006: PZOS SSH Privilege Escalation

Issue Date: 2013/09/30
Updated Date: 2013/09/30
Title: PZOS SSH Privilege Escalation
Classification: Moderate
Status: Closed
Affected Products: PZOS or Below


A vulnerability in the SSH implementation on the Panzura PZOS has been discovered. Exploitation of this vulnerability may result in privilege escalation in which the user is able to perform operations that should not be allowed.


On PZOS, different functionality is segregated by users. A condition exists in which a user connecting to the controller is able to perform actions that should not be allowed for that user.


Upgrade the appliance to PZOS version or higher; any future major or minor releases will also correct the issue. Release notes for this version outlining the correction of this vulnerability are documented here.