Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1001
Views
0
Helpful
3
Replies

Cisco switch need to Upgrade to OpenSSH version 9.8 or late

Syed Akbar Ali
Level 1
Level 1

‎01-19-2025 06:11 AM

Hi team,

Model : Cisco -C9200L-48P-4X , Version Cisco IOS XE Software, Version 17.12.03
Cisco IOS Software [Dublin], Catalyst L3 Switch Software (CAT9K_LITE_IOSXE), Version 17.12.3

Already SSH Enabled - version 2.0

while we scan Vulnerability give this output as Upgrade to OpenSSH version 9.8 or later.

Kindly advice.

Labels:
0 Helpful
3 Replies 3

Flavio Miranda
VIP
VIP

‎01-19-2025 06:21 AM

@Syed Akbar Ali 

This issue is describded on two CVEs

CVE-2024-39894 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39894
CVE-2024-6387 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387

Under the Bug ID CSCwm27472

Recommended fixed release is 17.15.2  and 17.16.1

FlavioMiranda_0-1737296382289.png

 

0 Helpful

Syed Akbar Ali
Level 1
Level 1

‎01-20-2025 04:54 AM - edited ‎01-20-2025 04:55 AM

Hello Flavio Miranda,

Thanks for information

Recommended fixed release is 17.15.2 and 17.16.1 which are Early Deployment (ED). there should not be have any impact on the production device after upgrade .  and l have list of devices which have the Cisco IOS XE 17.9.4a , 17.9.5 and Cisco NX-OS version 8.4(X) what will be recommended fixed release.

0 Helpful

Flavio Miranda
VIP
VIP
In response to Syed Akbar Ali

‎01-20-2025 05:38 AM

@Syed Akbar Ali 

 This bug is related to Catalyst device. I dont see any NX-OS on the list. 

For IOX-XE you need to move to 17.15 or 17.16. Unfortunatelly the impact is hard to say anything about it. But, if this is  really critical for your environment, you may dont have alternative. 

0 Helpful
Customers Also Viewed These Support Documents