Re: The version of OpenSSH installed on the remote host is prior 9x

feude.dieudonne.leumaleu · ‎07-04-2024

Hello Folks,

Could you please help on how to remediate this vulnerabilities , i have upgrade the devices but the scanner still show this one. this is happening on a cisco NX-OS 9k version 10.3.2

Any help is much appreciated !

Thanks

marce1000 · ‎07-04-2024

- If a Cisco device is on a latest and or a latest advisory software version , and there is a business concern for the particular security problem then you must contact TAC , and escalate ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ahmedshoaib · ‎07-04-2024

Dear;

If you upgraded the devices with new image due to recent OpenSSH vulnerability, then you need to wait for some time. Cisco identified the Product Nexus 9000 NXOS is vulnerable. Till now they don't release the fix or work around. Find the below link with reference to Cisco Security Advisory & Bug id.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk61235

Thanks

rkr · ‎08-06-2024

The exploit requires an authentication prompt, which means if you implement a simple VTY ACL to block access from the internet while allowing access from a specific jumphost, you create a barrier that must fail before the exploit becomes a risk.