
OpenSSH 9.3 multiple vulnerabilities in Cisco SMA

DK9
Level 1

Hi folks, recently our audit team scanned our WSA and SMA for VAPT, and they found that the WSA (AsyncOS 14.5) and SMA (15.0) are running an OpenSSH version prior to 9.3 and should be upgraded.

Is it possible to upgrade OpenSSH alone? I searched the documents but couldn't find any document related to this. Any ideas, folks?

Accepted Solutions

No, you can't update it yourself. You'll have to wait until they upgrade it.
I would open a TAC case to make sure it's recorded, and get a bug number that you can watch.

Ken


amojarra
Cisco Employee

@DK9 

 

I believe you are referring to CVE-2023-51385:

NVD - CVE-2023-51385 (nist.gov)

If so, you can review the CVEs from this link:

Cisco Vulnerability Repository

You can filter by disposition:

amojarra_0-1713809220149.png

Here is the status for WSA:

amojarra_1-1713809249324.png

 

 

If you are referring to any other CVE, you can check them in the above link.

 

Regards,

Amirhossein Mojarrad


7 Replies

Oh OK, so only TAC can help. OK, will open a case. Thanks a lot.

Yep. And it's possible that they fixed whatever vuln that SSH had without updating it. They did that a lot before 15.x shipped with a newer OS underneath it.

You mean 15.x will resolve the issue? But the 15.0 version has the proxy service hang bug, which will be more severe, right?

I don't know that 15.x will fix it. My ESA and SMA are on 15.0.1/15.0.0, and they show the vulnerability... BUT often the vuln scanners see "OpenSSH version X" is vulnerable, and so report that you're vulnerable, except Cisco would fix the specific bug in the code they shipped, but not upgrade the whole package.

That's why you need to open a TAC case, to find out if that is the case here.
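The version-banner matching described in the reply above, shown as an added example that is not part of the original thread or any scanner's or Cisco's code: a banner-only rule flags anything reporting OpenSSH prior to 9.3, and a triage step checks that finding against the vendor's per-CVE disposition. The banner strings, product names, CVE placeholder and disposition entries are constructed for illustration.

```python
import re

# Software-version field of an SSH identification string,
# e.g. "SSH-2.0-OpenSSH_8.8" or "SSH-2.0-OpenSSH_9.3p1 build-tag".
BANNER_RE = re.compile(r"^SSH-[\d.]+-OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")

# Constructed sample data: (product, CVE) -> vendor disposition.
# Real values come from the vendor's vulnerability repository or a support case.
CONSTRUCTED_DISPOSITIONS = {
    ("appliance-a", "CVE-0000-0001"): "not_vulnerable",  # fix backported, banner unchanged
    ("appliance-b", "CVE-0000-0001"): "vulnerable",
}

def banner_version(banner):
    """Return (major, minor, portable_patch), or None if the banner is not OpenSSH."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())

def banner_only_verdict(banner, fixed_in=(9, 3)):
    """What a version-matching scanner rule concludes from the banner alone."""
    version = banner_version(banner)
    if version is None:
        return "unknown"
    # Only the advertised version is compared; backported patches are invisible here.
    return "flagged" if version[:2] < fixed_in else "clean"

def triage(banner, product, cve, dispositions):
    """Combine the banner verdict with the vendor's disposition for this CVE."""
    verdict = banner_only_verdict(banner)
    if verdict != "flagged":
        return verdict
    vendor = dispositions.get((product, cve))
    if vendor == "not_vulnerable":
        return "likely_false_positive"   # document the vendor statement for the auditor
    if vendor == "vulnerable":
        return "confirmed"               # track the vendor bug ID and fixed release
    return "needs_vendor_case"           # no statement yet: open a support case

if __name__ == "__main__":
    for product in ("appliance-a", "appliance-b", "appliance-c"):
        # Constructed banner: all three report the same old version string.
        print(product, triage("SSH-2.0-OpenSSH_8.8", product, "CVE-0000-0001",
                              CONSTRUCTED_DISPOSITIONS))
```

All three constructed appliances present the same banner, yet only the vendor disposition separates a backported fix from a real exposure or an open question.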

 

psayafan
Cisco Employee

Regarding the high load on the proxy in version 15, you can check the defect from here: CSCwh60833 

It has not been fixed yet, but it is not appearing for all customers. If you are able to perform the test in an isolated situation and you do not encounter the problem, you can upgrade WSA to version 15.x.
