SpanVA SSH Prefix Truncation Vulnerability (Terrapin)

Article ID: 282471

Updated On: 04-24-2024

Products

CASB Gateway Advanced, CASB Advanced Threat Protection, CASB Audit, CASB Gateway, CASB Security Advanced, CASB Security Advanced IAAS, CASB Security Premium, CASB Security Premium IAAS, CASB Security Standard, CASB Securlet IAAS, CASB Securlet SAAS, CASB Securlet SAAS With DLP-CDS

Issue/Introduction

Issue: SpanVA Appliance Vulnerability found during Qualys Network Scan

CVE-2023-48795 - SSH Prefix Truncation Vulnerability (Terrapin).

SpanVA is on the latest version, 1.15.3.151.0-8rc, dated 29 March 2023.

Resolution

Based on the available literature, we have concluded the Terrapin attack does not pose any practical risk to the SpanVA appliance.

However, we are in the process of upgrading OpenSSH shipped with SpanVA to address the issue (Release date TBD).

If the customer wants to clear the scanner finding before the updated release is available, the following temporary workaround can be applied:

  1. On SpanVA, browse to the Settings page and open the "Strict Ciphers" section.
  2. Select "Custom" for "Use Only Strict SSH Ciphers?".
  3. Select only AES128_CTR, AES192_CTR, AES256_CTR, AES128_GCM@OPENSSH.COM and AES256_GCM@OPENSSH.COM.
  4. Click "Save".
  5. Rescan SpanVA for the vulnerability; the finding should no longer be reported.
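To verify the workaround from outside the appliance, the algorithm lists a server offers in its KEXINIT can be checked for the combinations Terrapin needs (chacha20-poly1305@openssh.com, or a CBC cipher together with an -etm@openssh.com MAC) and for the kex-strict-s-v00@openssh.com countermeasure that a patched OpenSSH advertises. The script below is an added example, not part of this article or of SpanVA; it parses the "peer server KEXINIT proposal" block that `ssh -vv` prints, run here on constructed sample output rather than a real SpanVA capture.

```python
import re

# Constructed sample of the server proposal block printed by `ssh -vv <host>`
# before the workaround (offers chacha20 and a CBC cipher with EtM MACs).
SAMPLE_BEFORE = """\
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256
debug2: MACs stoc: umac-64-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256
"""

# Constructed sample after restricting SpanVA to the CTR/GCM cipher set.
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com,aes256-cbc",
    "aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com")

FIELDS = {"KEX algorithms": "kex", "ciphers ctos": "ciphers_ctos",
          "ciphers stoc": "ciphers_stoc", "MACs ctos": "macs_ctos", "MACs stoc": "macs_stoc"}
LINE_RE = re.compile(r"debug2: (KEX algorithms|ciphers [cs]to[sc]|MACs [cs]to[sc]): (.*)$")


def parse_server_proposal(debug_output):
    """Return the server's KEXINIT name-lists keyed by short field name."""
    proposal = {}
    for line in debug_output.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            proposal[FIELDS[m.group(1)]] = m.group(2).split(",")
    return proposal


def assess_terrapin(proposal):
    """Apply the same offered-algorithm test vulnerability scanners use for CVE-2023-48795."""
    ciphers = set(proposal.get("ciphers_ctos", [])) | set(proposal.get("ciphers_stoc", []))
    macs = set(proposal.get("macs_ctos", [])) | set(proposal.get("macs_stoc", []))
    chacha = "chacha20-poly1305@openssh.com" in ciphers
    cbc_etm = (any(c.endswith("-cbc") for c in ciphers)
               and any(m.endswith("-etm@openssh.com") for m in macs))
    # A server that supports the strict-kex countermeasure advertises this pseudo-KEX name.
    strict_kex = "kex-strict-s-v00@openssh.com" in proposal.get("kex", [])
    return {"chacha20": chacha, "cbc_etm": cbc_etm, "strict_kex": strict_kex,
            "flagged": (chacha or cbc_etm) and not strict_kex}
```

Restricting the cipher set only removes the affected algorithms from the negotiation; a server that advertises kex-strict-s-v00@openssh.com after the OpenSSH upgrade is the permanent fix.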

Additional Information