Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
241
Views
0
Helpful
1
Replies

CBS350 - openssh vulernability

ryan14
Level 1
Level 1

‎03-08-2024 11:03 AM

A network scanner of ours is detecting our CBS350s running Version: 3.4.0.17 vulnerable to CVE-2023-38408 where it detected SSH-2.0-OpenSSH_7.3p1.RL via SSH. Is this just a false positive or will this be addressed in future firmware updates? I am on the latest firmware that is available.

0 Helpful
1 Reply 1

marce1000
VIP
VIP

‎03-08-2024 11:04 PM

 

                   - >... Is this just a false positive 
  - You could for instance test that with : https://github.com/kali-mx/CVE-2023-38408
                                                              https://github.com/LucasPDiniz/CVE-2023-38408  (e.g!)

                   >... or will this be addressed in future firmware updates? 
  - Best is to report (and query) to Cisco : https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

 M.

    
                                                              
   



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card