OpenSSH Sensitive Information Disclosure Vulnerability - CVE-2023-28531
Article ID: 422440
Updated On:
Products
VMware HCX
Issue/Introduction
The following CVE is being reported by security scanner as being vulnerable to HCX Manager
- CVE-2023-28531
Environment
- VMware HCX 4.11.0 or lower
Cause
- OpenSSH version 8.9 and above prior to 9.3 is impacted by this vulnerability
Resolution
- To verify the version of openssh on your appliance run the following command at the shell prompt:
rpm -qa | grep -i openssh
- HCX 4.11.1 uses OpenSSH version 9.3p2. HCX 4.11.1 and newer is not impacted.
Additional Information
Security Advisory: For more details on the CVE and associated fixes, refer to the OpenSSH Security Advisory
Feedback
Yes
No
Powered by
