OpenSSH Vulnerabilities: CVE-2023-51384, CVE-2023-51385, CVE-2019-16905, CVE-2020-15778, CVE-2023-48795, CVE-2020-14145, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2018-15919, CVE-2016-20012, CVE-2025-26465, CVE-2025-23419

Article ID: 390158

Products

  • VMware Telco Cloud Automation
  • VMware Telco Cloud Platform
  • VMware Aria Suite
  • VMware Integrated OpenStack
  • VMware vCenter Server

Issue/Introduction

Customer vulnerability scanners report the OpenSSH vulnerabilities listed in the title against the products below.

Environment

  • vCenter 8.x
  • vROps 8.18.1
  • vRO 8.18.1
  • vRLI 8.18
  • TCA 3.2
  • TCA Airgap 3.2
  • Harbor 2.6.x
  • VIO 7.x

Resolution

Below are the CVE details with the fix.

Each entry below gives the product version, the relevant CVEs, the fix / update status and notes.

vCenter 8u3d
Relevant CVEs: CVE-2023-51384, CVE-2023-51385
Fix / Update Status: Fixed in vCenter 8.0U3d (openssh-clients-8.9p1-8.ph4)
Notes:
  • CVE-2023-51385 is fixed and not present
  • CVE-2023-51384 is fixed and not present
  • See OpenSSH Vulnerabilities CVE-2023-51384 and CVE-2023-51385

Airgap 3.2
Relevant CVEs: CVE-2023-51384, CVE-2023-51385, CVE-2025-23419
Fix / Update Status: Airgap openssh-8.9p1-8.ph4
Notes:
  • CVE-2023-51385 is fixed and not present in TCA 3.2 Patch (3.2.0.1)
  • CVE-2023-51384 is fixed and not present in TCA 3.2 Patch (3.2.0.1)
  • CVE-2025-23419 applies to nginx versions 1.11.4 through 1.27.3 when configured to use TLSv1.3 with session resumption enabled through ssl_session_cache or ssl_session_tickets. Although the Airgap Server (version 3.2.0.1) uses nginx 1.26.2, its default configuration enforces TLSv1.2 rather than the affected TLSv1.3. As a result, the Airgap 3.2 environment is not impacted by CVE-2025-23419 and no remediation is needed. You can verify the TLS version configured on the Airgap Server with the following command:

    grep -i tls /etc/nginx/nginx.conf

    Expected output: ssl_protocols TLSv1.2;

The Photon OS used by Broadcom is the patched Photon version. Depending on the patched version, some vulnerabilities reported against a higher OpenSSH version are already fixed in the lower OpenSSH version shipped with Photon, so the package version alone does not show whether a CVE is present.

TCA 3.2
Relevant CVEs: CVE-2023-51384, CVE-2023-51385
Fix / Update Status:
  • TCA-M: openssh-8.9p1-7.ph4
  • TCA-CP: openssh-8.9p1-7.ph4
Notes (apply to both TCA-M and TCA-CP):
  • CVE-2023-51385 is fixed and not present in TCA 3.2 Patch (3.2.0.1)
  • CVE-2023-51384 is fixed and not present in TCA 3.2 Patch (3.2.0.1)

vRO 8.18.1
Relevant CVEs: CVE-2023-51384, CVE-2023-51385
Fix / Update Status: openssh-8.9p1-7.ph4.x86_64
Notes:
  • CVE-2023-51385 is fixed and not present
  • CVE-2023-51384 is fixed and not present

vROps 8.18.1
Relevant CVEs: CVE-2023-51384, CVE-2023-51385
Fix / Update Status: openssh-8.9p1-7.ph4.x86_64
Notes:
  • CVE-2023-51385 is fixed and not present
  • CVE-2023-51384 is fixed and not present

vROps remote collector 8.18.1
Relevant CVEs: CVE-2023-51384, CVE-2023-51385
Fix / Update Status: openssh-9.3p2-10.ph5.x86_64
Notes:
  • CVE-2023-51385 is fixed and not present
  • CVE-2023-51384 is fixed and not present

vRLI 8.18
Relevant CVEs: CVE-2023-51384, CVE-2023-51385
Fix / Update Status: openssh-8.9p1-7.ph4.x86_64
Notes:
  • CVE-2023-51385 is fixed and not present
  • CVE-2023-51384 is fixed and not present

Harbor 2.6.3
Relevant CVEs: CVE-2019-16905, CVE-2020-15778, CVE-2023-48795, CVE-2020-14145, CVE-2023-51385, CVE-2023-51384, CVE-2018-20685, CVE-2019-6109, CVE-2019-6110, CVE-2019-6111, CVE-2018-15919, CVE-2016-20012
Notes:
  • Harbor version v2.6.3-1297af6c is a VM shell and is not provided by VMware/Broadcom, so the 2 reported vulnerabilities are not applicable.
  • The newer supported versions of Harbor are provided via the CN solution, and these do not have these vulnerabilities.
  • For the 2.6 version, Broadcom provides only an installer such as harbor-offline-installer-v2.6.X.tgz. This installer can be installed on any VM, and the outer VM shell is not controlled or managed by Broadcom; if the chosen VM's SSH becomes outdated, the scanner reports it as vulnerable.
  • An SSH update on the Harbor VM therefore removes the reported security vulnerabilities.

Harbor 2.6
Relevant CVEs: CVE-2025-26465
Notes:
  • Harbor v2.6 is a VM shell and is not provided by VMware/Broadcom. Users typically download Photon OS from public repositories and set up Harbor on it.
  • VMware/Broadcom do not need to provide workarounds or fixes for these. VMware/Broadcom own Harbor v2.9 onwards (CNF method); users are free to apply generic Linux recommendations for prior versions.
  • The issue was fixed in Photon OS version 4.
  • Users who deployed TCA version 3.2.0.1 need to execute the following command to update the system and fix the vulnerability:

    #tdnf update -y

VIO 7.x
Relevant CVEs / advisories: PHSA-2019-3.0-0003, CVE-2018-20685, PHSA-2019-3.0-0014, CVE-2019-6109, CVE-2019-6111, PHSA-2019-3.0-0017, CVE-2019-6110, PHSA-2023-3.0-0705, CVE-2023-51385
Fix / Update Status: These openssh issues will be addressed with openssh-7.8p1-18. If the package returned is less than openssh-7.8p1-18 (see Additional Information), run the following:

    tdnf update openssh

Notes:
  • CVE-2023-51384 is not applicable to openssh version 7.8p1; this CVE applies to openssh version 8.9 and above.
  • For CVE-2023-48795, see OpenSSH vulnerability CVE-2023-48795.

Additional Information

Verify the OpenSSH version being used in the environment:

  1. Log in as root and output the full version of the SSH package in the product via:
     #rpm -qa | grep openssh
  2. Then look at the version and patch (release) number of the returned package and compare it against the fixed version listed above and in the Photon OS Security Advisories.
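The comparison in step 2 (and the "less than openssh-7.8p1-18" check for VIO above) done in a script, as an added example that is not part of this article: it reduces the package names printed by rpm -qa to their version-release and tests them against a minimum fixed build. It assumes GNU sort -V is available and uses constructed sample package names instead of live rpm output; because Photon backports fixes (see the note above), a package below the reference build is not automatically vulnerable, so the product entries above remain the authority.

```shell
#!/bin/sh
# Added example, not from the KB article: check openssh package names from
# "rpm -qa | grep openssh" against a minimum fixed version-release.

# Reduce an rpm name such as "openssh-clients-8.9p1-8.ph4.x86_64"
# to its version-release, "8.9p1-8.ph4".
openssh_vr() {
    nvr=$1
    nvr=${nvr%.x86_64}; nvr=${nvr%.aarch64}; nvr=${nvr%.noarch}
    # drop the package name: everything before the first "-<digit>"
    printf '%s\n' "$nvr" | sed 's/^[a-z-]*-\([0-9]\)/\1/'
}

# Return 0 (true) if package $1 is older than minimum version-release $2,
# e.g. openssh_older_than openssh-7.8p1-17.ph3.x86_64 7.8p1-18
# Assumes GNU "sort -V" (version sort) is available.
openssh_older_than() {
    inst=$(openssh_vr "$1")
    min=$2
    [ "$inst" = "$min" ] && return 1
    lowest=$(printf '%s\n%s\n' "$inst" "$min" | sort -V | head -n 1)
    # "7.8p1-18.ph3" sorts after its prefix "7.8p1-18", so it is not older
    [ "$lowest" = "$inst" ]
}

# Constructed sample output of "rpm -qa | grep openssh" on a VIO 7.x host
# (not real scan results); the fixed build for VIO is openssh-7.8p1-18.
SAMPLE_RPMS='openssh-7.8p1-17.ph3.x86_64
openssh-clients-7.8p1-17.ph3.x86_64'
MIN_VR=7.8p1-18

# Print one verdict per package, mirroring the KB's remediation advice.
report() {
    printf '%s\n' "$SAMPLE_RPMS" | while read -r pkg; do
        if openssh_older_than "$pkg" "$MIN_VR"; then
            echo "$pkg: older than $MIN_VR -> run: tdnf update openssh"
        else
            echo "$pkg: at or above $MIN_VR"
        fi
    done
}
report
```

Replace SAMPLE_RPMS with the real output of rpm -qa | grep openssh and MIN_VR with the fixed build listed for your product to use it on a host.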