ISE: CVE-2023-28531: Vulnerabilities in openssh 8.0p1

jds5 · ‎09-16-2024

Hello,

Do you know what the exact impact of this vulnerability is on an ISE SNS-3655-K9 in version 3.3 P3?

BR,

José

Aref Alsouqi · ‎09-16-2024

It's a discovered vulnerability on the Linux based OS which ISE uses as well and it could cause a leakage of some sensitive information or denial of service as per this NetApp link provided by nist.gov:

CVE-2023-28531 OpenSSH Vulnerability in NetApp Products | NetApp Product Security

NVD - CVE-2023-28531 (nist.gov)

jds5 · ‎09-17-2024

Does version 3.4 fix this vulnerability?

jds5 · ‎09-18-2024

Hello,

Does someone have this information? Thank you,

BR,

Aref Alsouqi · ‎09-24-2024

Looking at the resolved bugs list in ISE 3.4 it does not seem to include it:

Release Notes for Cisco Identity Services Engine, Release 3.4 - Cisco

Kyle Stewart · ‎10-04-2024

I would be nice if this was included in P4 coming sometime this month (which fixes CVE-2024-20469).

Kyle Stewart · ‎10-07-2024

Look here. This doesn't affect ISE at all. Change the criteria to Not Affected and you'll see that confirmation. I'm sure this has to do with using customized versions of OpenSSH but vulnerability scanners only look at the version # (at least some of them).

https://sec.cloudapps.cisco.com/security/center/cvr?cveIdList=CVE-2023-28531#~cve

ISE: CVE-2023-28531: Vulnerabilities in openssh 8.0p1

OpenSSH vulnerability in Cisco ISE

OpenSSH vulnerabilities

OpenSSH Multiple Vulnerabilities - Cisco ISE Version 3.2.0.401

Cisco ISE related Vulnerability (CVE-2025-20152)

OpenSSH regreSSHion vulnerability in FMC