"OpenSSH < 9.6 Multiple Vulnerabilities" reported in Aria Automation 8.16.2
search cancel

"OpenSSH < 9.6 Multiple Vulnerabilities" reported in Aria Automation 8.16.2

book

Article ID: 370004

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Aria Automation 8.16.2.

Vulnerability scanners report "OpenSSH < 9.6 Multiple Vulnerabilities" which include CVE-2023-48795,CVE-2023-51384,CVE-2023-51385.

Environment

Aria Automation 8.16.2

Cause

Aria Automation 8.16.2 include openssh-8.9p1-6.ph4.

Resolution

This is an false positive report from security scan application.

CVE-2023-48795 in resolved in Aria Automation 8.16.2.

CVE-2023-51384 is resolved in OpenSSH version 8.9p1-6.

Ref: https://github.com/vmware/photon/wiki/Security-Update-4.0-545

CVE-2023-51385 is resolved in OpenSSH version 8.9p1-5.

Ref: https://github.com/vmware/photon/wiki/Security-Update-4.0-536

So this could be safely ignored.

Powered by Wolken Software