ssh access to the ME4/U144/U840 management controller may be vulnerable to cve-2023-48795
book
Article ID: 278189
calendar_today
Updated On:
Products
Security Analytics
Issue/Introduction
ME4/U144/U840 management controller may be vulnerable to the cve-2023-48795 via ssh.
Cause
ssh is enabled by default on these devices
Resolution
ssh can be disabled in the management controller for the ME4/U144/U840 storage arrays.
- Login to the Web UI and select Home -> Action -> System Settings -> Services
- Deselect SSH.
Test by using ssh to connect to the same IP address used to access the Web UI.
Feedback
thumb_up
Yes
thumb_down
No