Is CAS vulnerable to CVE-2023-48795?
search cancel

Is CAS vulnerable to CVE-2023-48795?

book

Article ID: 282097

calendar_today

Updated On:

Products

Content Analysis Software ISG Content Analysis

Issue/Introduction

Is Content Analysis (CAS) vulnerable to CVE-2023-48795?

Cause

CVE-2023-48795 Overview
The Terrapin attack is a novel attack in the SSH protocol itself, causing the compromised client to erroneously perceive that the server lacks support for recent signature algorithms used in user authentication, through a man-in-the-middle (MitM) attack.

The vulnerability affects all SSH connections. This research will focus on the OpenSSH implementation.

There are two vulnerable OpenSSH configurations:

  1. ChaCha20-Poly1305
  2. Any aes(128|192|256)-cbc ciphers using the default MACs (or any MAC that uses Encrypt-then-MAC, EtM, for example – [email protected]).

Resolution

Default configuration does not use ChaCha20-Poly1305 or any Encrypt-then-Mac configurations

It is not possible to implement ChaCha20-Poly1305 or any Encrypt-then-Mac configurations for SSH on CAS.

Based on the above, the Terrapin attack is not exploitable on Content Analysis Software.
 
Powered by Wolken Software