CAS administrators would like to determine if CAS (Content Analysis) devices are vulnerable to CVE-2023-51384 and CVE-2023-51385.

CAS (Content Analysis)

Vulnerability Details

• CVE ID Number: CVE-2023-51384
• Component: OpenSSH
• Date Published: December 18th, 2023
• Description: In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
• Vector Assessment: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
• Base Score: 5.5 (Medium)

• CVE ID Number: CVE-2023-51385
• Component: OpenSSH
• Date Published: December 18th, 2023
• Description: In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
• Vector Assessment: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
• Base Score: 6.5 (Medium)

Advisory Link(s)

• https://nvd.nist.gov/vuln/detail/CVE-2023-51384 
• https://nvd.nist.gov/vuln/detail/CVE-2023-51385 

CAS (Content Analysis) devices are not vulnerable to CVE-2023-51384 and CVE-2023-51385.

• CAS (Content Analysis) does not allow usernames that include shell characters. 
• CAS (Content Analysis) does not behave as an SSH client and does not use the ssh-agent.