Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
24780
Views
1
Helpful
4
Replies

vulnerability CVE-2023-48795,CVE-2023-51384,CVE-2023-51385 open SSH

rahul kale
Level 1
Level 1

‎05-09-2024 09:37 AM

Hello,

Do we have mitigation for CVE IDs CVE-2023-48795,CVE-2023-51384,CVE-2023-51385 on nexus switches N9K-C93180YC-FX.

one of solution says Upgrade to OpenSSH version 9.6 or later.

 

How can we check Open ssh version running on nexus switches.

15 people had this problem
Labels:
0 Helpful
4 Replies 4

Mark Elsen
Hall of Fame
Hall of Fame

‎05-09-2024 09:51 AM

 

                                     - You could try :
                %  nmap --script ssh2-enum-algos      switch-name (or ip address)

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

Ganesh bangar
Level 1
Level 1

‎05-09-2024 11:26 AM

Hello 

 

Its nexus N9K switches and vulnerability says we need to Upgrade to OpenSSH version 9.6 or later, do we have any steps to upgrade OpenSSH ?

0 Helpful

jacob-a-griffith3-ctr
Level 1
Level 1

‎05-10-2024 10:54 AM

Which OS version are you on? 

0 Helpful

Robert Burlingame
Level 1
Level 1

‎05-10-2024 11:18 AM

I opened a ticket with TAC on this yesterday. He sent me a great link: https://sec.cloudapps.cisco.com/security/center/cvr
Using that link I determined that 10.2(7) is the only one that isn't vulnerable to CVE-2023-48795 or CVE-2023-51384. However, it shows "under investigation" when looking into CVE-2023-51385. Since 10.2(x) already has announced EOL, we're choosing to wait until one of the newer trains has all fixes. I could be wrong, please do your own research.

 

0 Helpful
Customers Also Viewed These Support Documents