https://community.cisco.com/t5/network-access-control/ssh-prefix-truncation-vulnerability-terrapin/m-p/5309388#M597263 <P>Hi Community,</P><P>During a recent VAPT assessment, the <STRONG>SSH Prefix Truncation Vulnerability (Terrapin) — CVE-2023-48795</STRONG> — was flagged on our Cisco ISE deployment (<STRONG>version 3.3 Patch 4</STRONG>).</P><P>I have checked Cisco’s official vulnerability repository, and the status for this CVE currently shows as "Under Investigation":<BR /><span class="lia-unicode-emoji" title=":link:">🔗</span> <A href="https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2023-48795#~cve" target="_new" rel="noopener">Cisco Security Advisory for CVE-2023-48795</A></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="rahulnaik_0-1752561119129.png" style="width: 745px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/248293i8D6FB4A8CCE23677/image-dimensions/745x146?v=v2" width="745" height="146" role="button" title="rahulnaik_0-1752561119129.png" alt="rahulnaik_0-1752561119129.png" /></span></P><P>As this is a compliance priority, I’m looking for any recommended workaround or guidance to remediate or mitigate this vulnerability until an official fix is released. I’ve gone through the admin guides and release notes, but couldn't find any specific instructions related to disabling vulnerable SSH algorithms or hardening SSH configs on ISE.</P><P>Has anyone successfully addressed or suppressed this VAPT finding for Cisco ISE? Any help, workaround, or clarification from Cisco TAC or the community would be highly appreciated.</P><P>Thanks in advance.</P> Tue, 15 Jul 2025 06:34:12 GMT rahulnaik 2025-07-15T06:34:12Z https://community.cisco.com/t5/network-access-control/ssh-prefix-truncation-vulnerability-terrapin/m-p/5309388#M597263 <P>Hi Community,</P><P>During a recent VAPT assessment, the <STRONG>SSH Prefix Truncation Vulnerability (Terrapin) — CVE-2023-48795</STRONG> — was flagged on our Cisco ISE deployment (<STRONG>version 3.3 Patch 4</STRONG>).</P><P>I have checked Cisco’s official vulnerability repository, and the status for this CVE currently shows as "Under Investigation":<BR /><span class="lia-unicode-emoji" title=":link:">🔗</span> <A href="https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2023-48795#~cve" target="_new" rel="noopener">Cisco Security Advisory for CVE-2023-48795</A></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="rahulnaik_0-1752561119129.png" style="width: 745px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/248293i8D6FB4A8CCE23677/image-dimensions/745x146?v=v2" width="745" height="146" role="button" title="rahulnaik_0-1752561119129.png" alt="rahulnaik_0-1752561119129.png" /></span></P><P>As this is a compliance priority, I’m looking for any recommended workaround or guidance to remediate or mitigate this vulnerability until an official fix is released. I’ve gone through the admin guides and release notes, but couldn't find any specific instructions related to disabling vulnerable SSH algorithms or hardening SSH configs on ISE.</P><P>Has anyone successfully addressed or suppressed this VAPT finding for Cisco ISE? Any help, workaround, or clarification from Cisco TAC or the community would be highly appreciated.</P><P>Thanks in advance.</P> Tue, 15 Jul 2025 06:34:12 GMT https://community.cisco.com/t5/network-access-control/ssh-prefix-truncation-vulnerability-terrapin/m-p/5309388#M597263 rahulnaik 2025-07-15T06:34:12Z https://community.cisco.com/t5/network-access-control/ssh-prefix-truncation-vulnerability-terrapin/m-p/5309473#M597264 <P>&nbsp;</P> <P>&nbsp; -&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1885612">@rahulnaik</a>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;Ref :&nbsp;&nbsp;<A href="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwm87186" target="_blank">https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwm87186</A><BR />&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; The bug report has a<FONT color="#008000"><STRONG> Fixed</STRONG></FONT> status but no <FONT color="#FF6600"><EM>Known Fixed Releases</EM></FONT> are provided ,&nbsp; that means that developers have fixed the issue but it is not yet incorporated in a production release.&nbsp; <EM>Contact<STRONG> TAC</STRONG> and ask for an ETA.</EM></P> <P>&nbsp; M.</P> Tue, 15 Jul 2025 08:53:02 GMT https://community.cisco.com/t5/network-access-control/ssh-prefix-truncation-vulnerability-terrapin/m-p/5309473#M597264 Mark Elsen 2025-07-15T08:53:02Z