The version of OpenSSH installed on the remote host is prior 9x

Hello Folks, 

Could you please help on how to remediate this vulnerability? I have upgraded the devices, but the scanner still shows this one. This is happening on a Cisco NX-OS 9k version 10.3.2.

Any help is much appreciated!

Thanks

3 Replies

Mark Elsen
Hall of Fame

 

 - If a Cisco device is on the latest and/or the latest advisory software version, and there is a business concern about the particular security problem, then you must contact TAC and escalate.

 M.



-- Let everything happen to you
Beauty and terror
Just keep going
No feeling is final
Rainer Maria Rilke (1899)

ahmedshoaib
Level 4

Dear,

If you upgraded the devices with a new image due to the recent OpenSSH vulnerability, then you need to wait for some time. Cisco identified that the product Nexus 9000 NX-OS is vulnerable. So far they have not released a fix or workaround. Find below the links to the Cisco Security Advisory and bug ID.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk61235

Thanks

 

rkr
Level 1

The exploit requires an authentication prompt, which means if you implement a simple VTY ACL to block access from the internet while allowing access from a specific jumphost, you create a barrier that must fail before the exploit becomes a risk.
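One way to confirm that the VTY restriction described in the last reply is actually in place on a device, as an added example that is not part of the thread: the script audits a saved running-config for an inbound `access-class` on `line vty` and flags ACL entries that permit any source. The config excerpts are constructed, the ACL names and the jumphost address 192.0.2.10 are placeholders, and the `ip access-list` / `access-class <name> in` layout is assumed to match the device's output.

```python
import re

# Constructed sample running-config excerpts (not from the thread).
# 192.0.2.10 stands in for the jumphost; the ACL names are hypothetical.
HARDENED = """\
ip access-list VTY-JUMPHOST
  10 permit tcp 192.0.2.10/32 any eq 22
  20 deny ip any any log
line vty
  access-class VTY-JUMPHOST in
"""
EXPOSED = """\
ip access-list VTY-OPEN
  10 permit tcp any any eq 22
line vty
  exec-timeout 15
"""

def parse_sections(config):
    """Group indented lines under their top-level parent line."""
    sections, current = {}, None
    for line in config.splitlines():
        if not line.strip():
            continue
        if line[0].isspace():
            if current is not None:
                sections[current].append(line.strip())
        else:
            current = line.strip()
            sections[current] = []
    return sections

def audit_vty(config):
    """Return a list of findings; empty means VTY access is source-restricted."""
    sections = parse_sections(config)
    vty = sections.get("line vty", [])
    acl = next((m.group(1) for l in vty
                if (m := re.fullmatch(r"access-class (\S+) in", l))), None)
    if acl is None:
        return ["line vty has no inbound access-class"]
    entries = sections.get(f"ip access-list {acl}")
    if entries is None:
        return [f"access-class references undefined ACL {acl}"]
    findings = []
    for e in entries:
        parts = e.split()  # seq, action, protocol, source, ...
        if len(parts) > 3 and parts[1] == "permit" and parts[3] == "any":
            findings.append(f"ACL {acl} entry permits any source: {e}")
    return findings
```
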