cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2446
Views
5
Helpful
2
Replies

CVE not found - OpenSSH vulnerabilitiy

moorec43
Level 1
Level 1

I have recently had some openSSH vulnerabilities show up on a report for some of my switches and routers and when I searched the CVE on Cisco's advisory page nothing came up.

 

Is it safe to assume that this vulnerability does not affect my Cisco products? This CVE just showed up, CVE-2019-16905, and I want to make sure that it doesn't affect the device before saying it is a false positive. Any help would be appreciated.

 

Thanks

1 Accepted Solution

Accepted Solutions

balaji.bandi
Hall of Fame
Hall of Fame

May be condition as below :

 

After analysis, Cisco has decided against performing additional actions on this product due to one of the following reasons:

 

- The product is no longer maintained, having reached End of Software Maintenance.

- The product is still being maintained, but a business decision was made not to upgrade the vulnerable product.

- The product uses the affected third-party component in such a way as to not be affected by these vulnerabilities.

 

Conditions: Device with default configuration.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

May be condition as below :

 

After analysis, Cisco has decided against performing additional actions on this product due to one of the following reasons:

 

- The product is no longer maintained, having reached End of Software Maintenance.

- The product is still being maintained, but a business decision was made not to upgrade the vulnerable product.

- The product uses the affected third-party component in such a way as to not be affected by these vulnerabilities.

 

Conditions: Device with default configuration.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Leo Laohoo
Hall of Fame
Hall of Fame

@moorec43 wrote:

I have recently had some openSSH vulnerabilities show up on a report for some of my switches and routers and when I searched the CVE on Cisco's advisory page nothing came up.


ConfD CLI Secure Shell Server Privilege Escalation Vulnerability

Review Cisco Networking for a $25 gift card