search cancel

CVE-2021-41617: Is Security Analytics vulnerable?

book

Article ID: 244269

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

A security scanner may detect the vulnerability for CVE-2021-41617.  This is related to having values set for AuthorizedKeysCommand and AuthorizedPrincipalsCommand in OpenSSH 6.2 through 8.8.

Resolution

The AuthorizedKeysCommand and AuthorizedPrincipalsCommand values are not set in Security Analytics and therefore our OpenSSH installation is not vulnerable to CVE-2021-41617.  The is a false positive for this vulnerability.