topic Re: CBS350 - openssh vulernability in Network Security

topic Re: CBS350 - openssh vulernability in Network Security https://community.cisco.com/t5/network-security/cbs350-openssh-vulernability/m-p/5036813#M1109749 <P> </P> <P>              <EM>  <STRONG>   - >...</STRONG></EM><SPAN><STRONG><EM> Is this just a false positive </EM></STRONG><BR /></SPAN>  - You could for instance test that with : <A href="https://github.com/kali-mx/CVE-2023-38408" target="_blank">https://github.com/kali-mx/CVE-2023-38408</A><BR />                                                              <A href="https://github.com/LucasPDiniz/CVE-2023-38408" target="_blank">https://github.com/LucasPDiniz/CVE-2023-38408</A>  (e.g!)</P> <P>                 <STRONG>  >.<EM>.. or will this be addressed in future firmware updates? </EM></STRONG><BR />  - Best is to report (and query) to Cisco : <A href="https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html" target="_blank">https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html</A></P> <P> M.</P> <P>    <BR />                                                              <BR />   </P> Sat, 09 Mar 2024 07:04:52 GMT Mark Elsen 2024-03-09T07:04:52Z CBS350 - openssh vulernability https://community.cisco.com/t5/network-security/cbs350-openssh-vulernability/m-p/5036699#M1109745 <P><FONT face="arial,helvetica,sans-serif">A network scanner of ours is detecting our CBS350s running Version: 3.4.0.17 vulnerable to <SPAN>CVE-2023-38408 where it detected SSH-2.0-OpenSSH_7.3p1.RL via SSH. Is this just a false positive or will this be addressed in future firmware updates? I am on the latest firmware that is available.</SPAN></FONT></P> Fri, 08 Mar 2024 19:03:07 GMT https://community.cisco.com/t5/network-security/cbs350-openssh-vulernability/m-p/5036699#M1109745 ryan14 2024-03-08T19:03:07Z Re: CBS350 - openssh vulernability https://community.cisco.com/t5/network-security/cbs350-openssh-vulernability/m-p/5036813#M1109749 <P> </P> <P>              <EM>  <STRONG>   - >...</STRONG></EM><SPAN><STRONG><EM> Is this just a false positive </EM></STRONG><BR /></SPAN>  - You could for instance test that with : <A href="https://github.com/kali-mx/CVE-2023-38408" target="_blank">https://github.com/kali-mx/CVE-2023-38408</A><BR />                                                              <A href="https://github.com/LucasPDiniz/CVE-2023-38408" target="_blank">https://github.com/LucasPDiniz/CVE-2023-38408</A>  (e.g!)</P> <P>                 <STRONG>  >.<EM>.. or will this be addressed in future firmware updates? </EM></STRONG><BR />  - Best is to report (and query) to Cisco : <A href="https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html" target="_blank">https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html</A></P> <P> M.</P> <P>    <BR />                                                              <BR />   </P> Sat, 09 Mar 2024 07:04:52 GMT https://community.cisco.com/t5/network-security/cbs350-openssh-vulernability/m-p/5036813#M1109749 Mark Elsen 2024-03-09T07:04:52Z