One of our clients regularly runs security scans on the gateway and has found a vulnerability.
The client is on the latest patch level (Layer7_API_PlatformUpdate_64bit_v10.X-CentOS-2022-01-26).
The CVE they found: CVE-2020-15778 (mitre.org)
Are you aware of this vulnerability, and how should we (or you) proceed on this issue?
Release: 10.0
According to the Red Hat site, this vulnerability is not fixed and will not be fixed.
The gateway runs CentOS but is built from the same Red Hat sources, so there is no fix to include in the platform patch.
In order to exploit this flaw, the attacker needs to social engineer or manipulate a system administrator (who has root access on the remote server) to run scp with a malicious command line parameter.
Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary.
Removing the openssh-clients package will make binaries like scp and ssh unavailable on that system.
Alternatively, administrators can change the execute permissions on the scp binary.
However, this mitigation will need to remain in place until the openssh-clients package is updated.
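The following is an added example, not part of the original answer or of the Layer7 product, showing how an administrator could audit (and, if chosen, apply) the second mitigation described above: checking whether the scp binary still carries any execute bit. The path `/usr/bin/scp` is an assumption for CentOS; override it with the `SCP_PATH` environment variable. The audit reads permission bits from `ls -ld` rather than using `test -x`, because `-x` is always true for root when any execute bit is set.

```shell
#!/bin/sh
# Added example (not from the original KB answer): audit whether the scp
# binary has been made non-executable, one of the two mitigations listed.
# SCP_PATH is an assumption; on CentOS the client binary normally lives here.
SCP_PATH="${SCP_PATH:-/usr/bin/scp}"

# Return 0 when the file at $1 has no execute/setuid/setgid/sticky bit for
# user, group or other, or when it does not exist (package removed).
scp_execute_disabled() {
    _path="$1"
    [ -e "$_path" ] || return 0
    # Columns 2-10 of `ls -ld` are the nine rwx permission characters.
    _mode=$(ls -ld "$_path" | cut -c2-10)
    case "$_mode" in
        *x*|*s*|*t*) return 1 ;;   # some execute bit is still set
        *) return 0 ;;
    esac
}

# Apply the mitigation: strip execute permission for everyone.
# Only called explicitly; the audit below does not modify anything.
disable_scp_execute() {
    chmod a-x "$1"
}

# Print a one-line status for the given path and return 0 (audit only).
audit_scp() {
    if [ ! -e "$1" ]; then
        echo "OK: $1 not present (openssh-clients removed)"
    elif scp_execute_disabled "$1"; then
        echo "OK: $1 present but not executable"
    else
        echo "WARN: $1 is executable; mitigation not in place"
    fi
    return 0
}

audit_scp "$SCP_PATH"
```

Run it as-is to report the current state; run `disable_scp_execute /usr/bin/scp` as root only after deciding that no gateway process or administrator workflow depends on scp. Remember that a later update of the openssh-clients package will restore the execute bit, so the audit should be rerun after patching.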