cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1161
Views
1
Helpful
3
Replies

The version of OpenSSH installed on the remote host is prior 9x

Hello Folks, 

Could you please help on how to remediate this vulnerabilities , i have upgrade the devices but the scanner still show this one. this is happening on a cisco NX-OS 9k version 10.3.2

Any help is much appreciated !

Thanks

3 Replies 3

marce1000
VIP
VIP

 

 - If a Cisco device is on a latest and or a latest advisory software version , and there is a business concern for the particular security problem then you must contact     TAC , and escalate , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ahmedshoaib
Level 4
Level 4

Dear;

If you upgraded the devices with new image due to recent OpenSSH vulnerability, then you need to wait for some time. Cisco identified the Product Nexus 9000 NXOS is vulnerable. Till now they don't release the fix or work around. Find the below link with reference to Cisco Security Advisory & Bug id.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk61235

Thanks

 

rkr
Level 1
Level 1

The exploit requires an authentication prompt, which means if you implement a simple VTY ACL to block access from the internet while allowing access from a specific jumphost, you create a barrier that must fail before the exploit becomes a risk.

Review Cisco Networking for a $25 gift card