topic Re: 9396PX Terrapin Fix/patch in Network Security

9396PX Terrapin Fix/patch

douglas.mckee — Fri, 12 Jan 2024 20:11:48 GMT

Good morning,

I realize our 9396PX's are EOL but we won't be replacing them until later this year. These devices are currently popping hot on the "SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)". When I do a "sh ssh key rsa" it shows only SHA256 encryption and no other encryption algorithms. The running-config doesn't show the "ChaCha20-Poly1305 or CBC" anywhere in the config. Under Global configuration "ssh ciphers" I'm only seeing these 2 options:

1. aes256-gcm (Enable aes256-gcm)
2. all (Enable algorithms supported in current version of SSH)

The "all" enables all the ciphers to include the "CBC" ciphers which is probably what our ACAS scanner is detecting.

Has anyone else ran into this issue or have a solution that would work in mitigating this threat?

Thank you,

Doug

------------------------------------------------------------------------------------------------------ The remote SSH server is vulnerable to a mitm prefix truncation attack.

Description

The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security.

Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software versions.

Solution

Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms.

Re: 9396PX Terrapin Fix/patch

Rob Ingram — Fri, 12 Jan 2024 21:38:47 GMT

@douglas.mckee using AES GCM mitigates this issue, disable CBC.

Re: 9396PX Terrapin Fix/patch

balaji.bandi — Fri, 12 Jan 2024 21:40:11 GMT

check below thread similar and change the cipher as suggested in the post and test it

https://community.cisco.com/t5/network-security/ssh-terrapin-prefix-truncation-weakness/m-p/4995325#M1107891

Re: 9396PX Terrapin Fix/patch

douglas.mckee — Tue, 16 Jan 2024 17:07:19 GMT

Rob,

Correct. The AES GCM would mitigate this issue.

1. How do I disable the CBC in NX-OS since there doesn't appear to be an option to removed specific ciphers?

2. Other posts have mentioned enabling AES GCM caused them to lose SSH connectivity to their switch. Is there anything prior to implementing this that would mitigate this issue?

Thank you,

Doug

Re: 9396PX Terrapin Fix/patch

Rob Ingram — Tue, 16 Jan 2024 17:28:03 GMT

@douglas.mckee you'd need to ensure the version of NXOS supports and your SSH client both support GCM. You may need to upgrade the NXOS version.

I would make the change whilst onsite, so you can connect via console if there is a problem.

If you NXOS does not support GCM you could enable AES-CTR - "CTR-mode ciphers in combination with the Encrypt-then-MAC paradigm are vulnerable as well, although this weakness cannot be exploited in a real-world scenario." https://terrapin-attack.com/

Re: 9396PX Terrapin Fix/patch

RicardoHuamaniAllcca89890 — Fri, 08 Mar 2024 17:16:48 GMT

Workround:

Primero: Upgrade de firmware a la version 10.2.7

Segundo: modificar config de dcos_sshd_config, eliminar el algoritmo de cifrado chacha20-poly1305@openssh.com.

documentación:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi60493

Re: 9396PX Terrapin Fix/patch

Rayan Alden — Tue, 12 Mar 2024 07:25:56 GMT

Our ACAS scanner is flagging the "SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)" on these devices, and upon inspection, it appears that only SHA256 encryption is being used, with no other encryption algorithms present. Furthermore, the running-config does not show any evidence of the "ChaCha20-Poly1305 or CBC" encryption, which is likely contributing to the vulnerability detection. Under Global configuration, the "ssh ciphers" command reveals only two options: "aes256-gcm" and "all," with the latter enabling all ciphers, including potentially insecure CBC ciphers.
Regards yesnowheel