Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
1
Replies

vulnrability result with CBS 350 switches Open SSH 7.3

wikinetwork
Level 1
Level 1

‎10-26-2023 02:48 PM

Anyone have idea what to do with this Vulnrability reported by a Vulscan service.this is for a cisco CBS 350 series switch

the switch is upgraded to latest frimware exist on cisco website , any idea how to fix this issue with open ssh7.4

Summary

openssh is prone to multiple vulnerabilities.

Related CVE

CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10708

Affected Nodes: Internal
172.16.2.154 (34:B8:83:F5:8C:C6)

Vulnerability Detection Result

Installed version: 7.3p1.RL Fixed version: 7.4 Installation path / port: 22/tcp

Impact

Successfully exploiting this issue allows local users to obtain sensitive private-key information, to gain privileges, conduct a senial-of-service condition and allows remote attackers to execute arbitrary local PKCS#11 modules.

Solution

Upgrade to OpenSSH version 7.4 or later.

 

0 Helpful
1 Reply 1

jamegill
Cisco Employee
Cisco Employee

‎11-16-2023 08:31 AM

Hi @wikinetwork  -- I see you're not getting any good feedback here, probably because you've posted the question in the area for Cisco Secure Network Analytics, not for the CBS 350 switch.  I don't know if the question can be moved, so maybe post it over here.

Good Luck!

--jg

0 Helpful
Customers Also Viewed These Support Documents