Security scanners report that vCenter Server or ESXi are found to be vulnerable to CVE-2023-38408.
Article ID: 372263

Products

  • VMware vCenter Server
  • VMware vSphere ESXi

Issue/Introduction

Security scanners may mistakenly report that vCenter Server and ESXi are vulnerable to CVE-2023-38408.

Environment

  • VMware vCenter Server 8.0.x
  • VMware vCenter Server 7.0.x

Cause

Some security scanners only check whether the reported OpenSSH version is lower than 9.3p2, without taking into account that fixes for this CVE have also been published for older major versions (OpenSSH 8.x and OpenSSH 7.x).

Resolution

CVE-2023-38408 is addressed in the Photon OS patches included in the following vCenter Server releases:

  • vCenter Server 8.0.2.00200 (U2b)
  • vCenter Server 7.0.3.01900 (U3q)

ESXi is not affected by CVE-2023-38408 because it does not use ssh-agent.
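The Cause and Resolution sections describe the gap between a banner-only version test and a backport-aware one. The following Python, added here as an illustration and not VMware or Broadcom code, encodes the fixed vCenter releases listed above and shows why a host advertising OpenSSH 8.9p1 is flagged by the naive rule but cleared once the vendor's fixed-build table is consulted. The banner string and vCenter version strings used in the sample are constructed.

```python
"""Added illustration (not VMware/Broadcom code): a bare OpenSSH version
comparison versus a check that knows which vCenter builds carry the fix."""
import re
from typing import Optional, Tuple

# Per the KB: CVE-2023-38408 is fixed in the Photon OS packages shipped with
# these vCenter Server releases; anything on the same line at or above is patched.
VCENTER_FIXED = {
    "8.0": (8, 0, 2, 200),   # vCenter Server 8.0.2.00200 (U2b)
    "7.0": (7, 0, 3, 1900),  # vCenter Server 7.0.3.01900 (U3q)
}
UPSTREAM_FIXED = (9, 3, 2)   # OpenSSH 9.3p2 is the upstream fix release

def parse_openssh_banner(banner: str) -> Optional[Tuple[int, int, int]]:
    """'SSH-2.0-OpenSSH_8.9p1' -> (8, 9, 1); None if not an OpenSSH banner."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?", banner)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def naive_verdict(banner: str) -> str:
    """What a banner-only scanner does: vulnerable iff version < 9.3p2."""
    v = parse_openssh_banner(banner)
    if v is None:
        return "not-openssh"
    return "vulnerable" if v < UPSTREAM_FIXED else "patched"

def parse_vcenter_version(version: str) -> Tuple[int, ...]:
    """'8.0.2.00200' -> (8, 0, 2, 200) so tuples compare numerically."""
    return tuple(int(p) for p in version.split("."))

def informed_verdict(product: str, version: str, banner: str) -> str:
    """Backport-aware check: prefer the vendor's fixed-build table over the banner."""
    if product == "esxi":
        return "not-affected"          # ESXi does not use ssh-agent (per the KB)
    v = parse_vcenter_version(version)
    line = f"{v[0]}.{v[1]}"
    if line in VCENTER_FIXED:
        return "patched" if v >= VCENTER_FIXED[line] else "vulnerable"
    return naive_verdict(banner)       # unknown line: fall back to the upstream rule

if __name__ == "__main__":
    # Constructed sample: a patched vCenter 8.0 U2b host still advertises 8.9p1
    print(naive_verdict("SSH-2.0-OpenSSH_8.9p1"))                             # vulnerable
    print(informed_verdict("vcenter", "8.0.2.00200", "SSH-2.0-OpenSSH_8.9p1"))  # patched
```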

Additional Information

Please contact the support team of the vendor of the scanner application you are using to verify how its detection mechanism works.

VMware vCenter Server 8.0 Photon OS Security Patches
VMware vCenter Server 7.0 Photon OS Security Patches

GitHub: OpenSSH: Upgrade to 8.9p1 and Fix CVE-2023-38408