Is SMG vulnerable to CVE-2023-38408
search cancel

Is SMG vulnerable to CVE-2023-38408

book

Article ID: 272887

calendar_today

Updated On:

Products

Messaging Gateway Messaging Gateway for Service Providers Messaging Gateway Hardware

Issue/Introduction

A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an attacker with control of the forwarded agent-socket on the server and the ability to write to the filesystem of the client host to execute arbitrary code with the privileges of the user running the ssh-agent.

Cause

Remote exploitation requires that a user establishes an SSH connection to a compromised or malicious SSH server with agent forwarding enabled. The agent forwarding is disabled by default. Review your ssh client configuration files for the use of ForwardAgent configuration directive and invocations of SSH client for the use of -A command line argument to see if agent forwarding is enabled for specific connections.

Exploitation can also be prevented by starting ssh-agent(1) with an empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that contains only specific provider libraries.

Resolution

The vulnerability CVE-2023-38408 is not susceptible to SMG.

Additional Information

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ssh

https://access.redhat.com/security/cve/cve-2023-38408