Re: vulnerability CVE-2023-48795,CVE-2023-51384,CVE-2023-51385 open SS

rahul kale · ‎05-09-2024

Hello,

Do we have mitigation for CVE IDs CVE-2023-48795,CVE-2023-51384,CVE-2023-51385 on nexus switches N9K-C93180YC-FX.

one of solution says Upgrade to OpenSSH version 9.6 or later.

How can we check Open ssh version running on nexus switches.

Mark Elsen · ‎05-09-2024

- You could try :
% nmap --script ssh2-enum-algos switch-name (or ip address)

M.

-- Let everything happen to you
   Beauty and terror
      Just keep going
     No feeling is final
Reiner Maria Rilke (1899)

Ganesh bangar · ‎05-09-2024

Hello

Its nexus N9K switches and vulnerability says we need to Upgrade to OpenSSH version 9.6 or later, do we have any steps to upgrade OpenSSH ?

jacob-a-griffith3-ctr · ‎05-10-2024

Which OS version are you on?

Robert Burlingame · ‎05-10-2024

I opened a ticket with TAC on this yesterday. He sent me a great link: https://sec.cloudapps.cisco.com/security/center/cvr
Using that link I determined that 10.2(7) is the only one that isn't vulnerable to CVE-2023-48795 or CVE-2023-51384. However, it shows "under investigation" when looking into CVE-2023-51385. Since 10.2(x) already has announced EOL, we're choosing to wait until one of the newer trains has all fixes. I could be wrong, please do your own research.

vulnerability CVE-2023-48795,CVE-2023-51384,CVE-2023-51385 open SSH