cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

Cisco Meeting Server OpenSSH Vulnerability

btamiletisim
Level 1
Level 1

Hi,

As it is known, OpenSSH vulnerability is found on some Cisco products. On security related sites, is it told that this vulnerability is resolved on OpenSSH 9.8p1. So OpenSSH versions shoul be upgraded to 9.8p1 to get rid of this vulnerability. 

Cisco Meeting Servers are also exposed to this vulnerability. So we upgraded our Cisco Meeting server to 3.9.2 version which is told in this page: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024

But still OpenSSH version is under 9.8 on CMS. It is 9.1. So scanning tools can still find the vulnerability on CMS.

Am I or Is Cisco wrong?

 

Who Me Too'd this topic