We are having the device WS-C3560V2-48PS with 12.2(55)SE12. We are getting the device has vulnerable and the CVE-id is CVE-2008-5161.
And we are unable to to disable cbc based ciphers,
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
Is anybody have same issue and fixed it ?
I suppose not. From the attachment, I logged in to a switch that has the same version and switch series that you have. You'll see that the command is not yet supported.
You can apply ACL in your VTY lines and just allow certain subnets/IP if you don't have one and not able to upgrade to version 15.x. This will not solve disabling certain ciphers but will limit SSH access.