Is SSLV vulnerable to CVE-2023-48795
search cancel

Is SSLV vulnerable to CVE-2023-48795

book

Article ID: 282520

calendar_today

Updated On:

Products

SSL Visibility Appliance Software

Issue/Introduction

You are running vulnerability scan, and results shows that SSLV is vulnerable to CVE-2023-48795.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795

Cause

CVE-2023-48795 Overview
The Terrapin attack is a novel attack in the SSH protocol itself, causing the compromised client to erroneously perceive that the server lacks support for recent signature algorithms used in user authentication, through a man-in-the-middle (MitM) attack.

The vulnerability affects all SSH connections. This research will focus on the OpenSSH implementation.

There are two vulnerable OpenSSH configurations:

  1. ChaCha20-Poly1305
  2. Any aes(128|192|256)-cbc ciphers using the default MACs (or any MAC that uses Encrypt-then-MAC, EtM, for example – [email protected]).


The default OpenSSH client and server are vulnerable to this attack, as they are configured to allow the vulnerable ChaCha20-Poly1305 cipher.

Resolution

localhost# configure t
localhost(config)# ssh-console
localhost(config-ssh-console)# view
Ciphers:
[email protected], [email protected], [email protected], aes128-ctr, aes192-ctr, aes256-ctr
localhost(config-ssh-console)# ciphers remove [email protected]
ok

 

Powered by Wolken Software