05-09-2024 11:35 AM
Hello! A scan was run against my Cisco ISE and showed a vulnerability in OpenSSH. The recommendation was to upgrade OpenSSH to version >9.6. Does anyone know if there is a CVE documented for this vuln? Or is there any documentation that explains which version to upgrade my ISE to?
ISE Version: 3.0.0.458
Installed Patches: 5
05-09-2024 12:37 PM
CVE should be universal, so if you know the CVE you should be able to find it on cisco.com and see if it is fixed and what version/patch. Without that info there isn't much we can instruct you on. Whatever you use to scan should give you the CVE.
05-09-2024 12:54 PM
Yeah, you were right, apparently it is CVE-2023-48795, but I only found solved bugs for other Cisco devices, not for ISE. Do you know if there's an announced patch for that CVE for ISE?
05-09-2024 04:16 PM
05-24-2024 01:24 PM
I went through the TAC process for this and I would like to save the next person some time. The mitigation configs from the bug report listed as the solution do stop OpenSSH connections but don't stop the scanner from seeing it as a vulnerability. Hope this helps!
05-27-2024 09:23 AM
Thank you! It is really helpful