'OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.'
This CVE is addresses an issue not contained in the releases of ClearOS. ClearOS systems were never vulnerable to this bug.
All versions of ClearOS 5.x are not vulnerable to this issue. ClearOS 6 and later are also not affected by this issue.