04-29-2024 08:04 PM - edited 04-29-2024 08:09 PM
Title says it all. Anyone encounter this yet?
04-29-2024 10:42 PM
>...Title says it all.
- It doesn't or even 'far less';
- How did you determine that SSH was downgraded, and how do you retrieve the 9.1 version info?
- Why do you think it is now more vulnerable? What testing methodologies did you use to conclude that?
M.
04-30-2024 03:41 AM
04-30-2024 05:17 AM
>... I was hoping for a Cisco response
- You are on a support forum populated by Cisco customers on a volunteering basis. For official support and letting Cisco know your concerns you need to create a TAC case.
M.
04-30-2024 05:23 AM
Opening a TAC case was the first thing I did. I was wondering if anyone else is encountering this, and if they are, what are they doing. Anyone who has to meet any sort of compliance should be talking about this. It's odd that it's eerily quiet.
04-30-2024 05:34 AM
- I can follow you on those considerations and/or perhaps others already having TAC cases launched and getting insights (sometimes....).
M.
04-30-2024 05:58 AM
(-Added) : https://sec.cloudapps.cisco.com/security/center/home.x#:
M.
04-30-2024 12:10 PM
My Firepower 7.2.5 reports OpenSSH 8.0.
I scanned a 7.4.1.1 FMC and it reports 9.1 (as does a 7.6 beta FMC).
What version did you see with something higher than 9.1?
04-30-2024 12:20 PM - edited 04-30-2024 12:21 PM
Yes, it's 9.1 for 7.4.1.1. The problem is that the aforementioned CVEs are all about SSH versions less than 9.6. I understand that Cisco says they're not vulnerable, but many are, so I'm wondering why they think they're not.
04-30-2024 08:04 PM
It appears some FX-OS versions are affected and that Cisco has developed a fix internally that is not yet posted.
The "Fixed release" build number can be a bit challenging to decipher but it appears 2.14.1.149 and higher have the fix (2.14.1.143 is the latest available on the downloads site as of today (1 May 2024)).
Reference: https://bst.cisco.com/bugsearch/bug/CSCwi60430
I would cite that in your open TAC case. Please let us know what they say.
I have yet to see where Cisco downgraded any previously included OpenSSH module present in any previously released FMC or FTD.