Management Center Vulnerable to CVE-2023-48795
search cancel

Management Center Vulnerable to CVE-2023-48795

book

Article ID: 277597

calendar_today

Updated On:

Products

Management Center Management Center - VA

Issue/Introduction

During a scan of the Management Center, it maybe found to be vulnerable to CVE-2023-48795.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795

Cause

CVE-2023-48795 Overview
The Terrapin attack is a novel attack in the SSH protocol itself, causing the compromised client to erroneously perceive that the server lacks support for recent signature algorithms used in user authentication, through a man-in-the-middle (MitM) attack.

The vulnerability affects all SSH connections. This research will focus on the OpenSSH implementation.

There are two vulnerable OpenSSH configurations:

  1. ChaCha20-Poly1305
  2. Any aes(128|192|256)-cbc ciphers using the default MACs (or any MAC that uses Encrypt-then-MAC, EtM, for example – [email protected]).


The default OpenSSH client and server are vulnerable to this attack, as they are configured to allow the vulnerable ChaCha20-Poly1305 cipher.

Resolution

localhost# configure
Enter configuration commands, one per line. End with CNTL/Z.
localhost(config)# ssh-console ciphers
localhost(config-ciphers)# view
[email protected] [email protected] [email protected] aes128-ctr aes192-ctr aes256-ctr
localhost(config-ciphers)# remove ?
Description: Cipher list
Possible completions:
  aes128-ctr              [email protected]
  aes192-ctr              aes256-ctr
  [email protected]  [email protected]
localhost(config-ciphers)# remove [email protected]
  ok
localhost(config-ciphers)#

 

Powered by Wolken Software