CVE-2024-6387 (GCVE-0-2024-6387)
Vulnerability from cvelistv5 – Published: 2024-07-01 12:37 – Updated: 2026-05-12 11:39
CWE-364 - Signal Handler Race Condition
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:4312 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4340 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4389 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4469 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4474 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4479 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4484 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-6387 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2294604 | issue-tracking, x_refsource_REDHAT |
| https://santandersecurityresearch.github.io/blog/… | |
| https://www.openssh.com/txt/release-9.8 | |
| https://www.qualys.com/2024/07/01/cve-2024-6387/r… | |

| Vendor | Product | Version | CPE |
|---|---|---|---|
| | | Affected: 8.5p1, ≤ 9.7p1 (custom) | |
| Red Hat | Red Hat Enterprise Linux 9 | Unaffected: 0:8.7p1-38.el9_4.1, < * (rpm) | cpe:/a:redhat:enterprise_linux:9::appstream, cpe:/o:redhat:enterprise_linux:9::baseos |
| Red Hat | Red Hat Enterprise Linux 9 | Unaffected: 0:8.7p1-38.el9_4.1, < * (rpm) | cpe:/a:redhat:enterprise_linux:9::appstream, cpe:/o:redhat:enterprise_linux:9::baseos |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | Unaffected: 0:8.7p1-12.el9_0.1, < * (rpm) | cpe:/a:redhat:rhel_e4s:9.0::appstream, cpe:/o:redhat:rhel_e4s:9.0::baseos |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | Unaffected: 0:8.7p1-30.el9_2.4, < * (rpm) | cpe:/o:redhat:rhel_eus:9.2::baseos, cpe:/a:redhat:rhel_eus:9.2::appstream |
| Red Hat | Red Hat OpenShift Container Platform 4.13 | Unaffected: 413.92.202407091321-0, < * (rpm) | cpe:/a:redhat:openshift:4.13::el9, cpe:/a:redhat:openshift:4.13::el8 |
| Red Hat | Red Hat OpenShift Container Platform 4.14 | Unaffected: 414.92.202407091253-0, < * (rpm) | cpe:/a:redhat:openshift:4.14::el8, cpe:/a:redhat:openshift:4.14::el9 |
| Red Hat | Red Hat OpenShift Container Platform 4.15 | Unaffected: 415.92.202407091355-0, < * (rpm) | cpe:/a:redhat:openshift:4.15::el8, cpe:/a:redhat:openshift:4.15::el9 |
| Red Hat | Red Hat OpenShift Container Platform 4.16 | Unaffected: 416.94.202407081958-0, < * (rpm) | cpe:/a:redhat:openshift:4.16::el9 |
| Red Hat | Red Hat Ceph Storage 5 | | cpe:/a:redhat:ceph_storage:5 |
| Red Hat | Red Hat Ceph Storage 6 | | cpe:/a:redhat:ceph_storage:6 |
| Red Hat | Red Hat Ceph Storage 7 | | cpe:/a:redhat:ceph_storage:7 |
| Red Hat | Red Hat Enterprise Linux 10 | | cpe:/o:redhat:enterprise_linux:10 |
| Red Hat | Red Hat Enterprise Linux 6 | | cpe:/o:redhat:enterprise_linux:6 |
| Red Hat | Red Hat Enterprise Linux 7 | | cpe:/o:redhat:enterprise_linux:7 |
| Red Hat | Red Hat Enterprise Linux 8 | | cpe:/o:redhat:enterprise_linux:8 |

{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6387",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T13:18:34.695298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T13:18:46.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-24T18:35:27.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
},
{
"url": "https://www.exploit-db.com/exploits/52269"
},
{
"url": "https://packetstorm.news/files/id/190587/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
},
{
"name": "RHSA-2024:4312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"name": "RHSA-2024:4340",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"name": "RHSA-2024:4389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"name": "RHSA-2024:4469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"name": "RHSA-2024:4474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"name": "RHSA-2024:4479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"name": "RHSA-2024:4484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"name": "RHBZ#2294604",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"tags": [
"x_transferred"
],
"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
},
{
"tags": [
"x_transferred"
],
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/AlmaLinux/updates/issues/629"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/4379"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/azurelinux/issues/9555"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oracle/oracle-linux/issues/149"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapier1/hpn-ssh/issues/87"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/zgzhang/cve-2024-6387-poc"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=40843778"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
},
{
"tags": [
"x_transferred"
],
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214119"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214118"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214120"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/20"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/18"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/19"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "Industrial Edge Management OS (IEM-OS)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS IIoT module",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.0 HF1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEMA Remote Connect Server",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.2 SP2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINUMERIK ONE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:39:26.672Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-446545.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.openssh.com/",
"defaultStatus": "unaffected",
"packageName": "OpenSSH",
"repo": "https://anongit.mindrot.org/openssh.git",
"versions": [
{
"lessThanOrEqual": "9.7p1",
"status": "affected",
"version": "8.5p1",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-38.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-38.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream",
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-12.el9_0.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos",
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-30.el9_2.4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9",
"cpe:/a:redhat:openshift:4.13::el8"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "413.92.202407091321-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "414.92.202407091253-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "415.92.202407091355-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "416.94.202407081958-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:7"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
}
],
"datePublic": "2024-07-01T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-364",
"description": "Signal Handler Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T06:17:03.387Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:4312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"name": "RHSA-2024:4340",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"name": "RHSA-2024:4389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"name": "RHSA-2024:4469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"name": "RHSA-2024:4474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"name": "RHSA-2024:4479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"name": "RHSA-2024:4484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"name": "RHBZ#2294604",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-27T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-07-01T08:00:00.000Z",
"value": "Made public."
}
],
"title": "Openssh: regresshion - race condition in ssh allows rce/dos",
"workarounds": [
{
"lang": "en",
"value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-6387",
"datePublished": "2024-07-01T12:37:25.431Z",
"dateReserved": "2024-06-27T13:41:03.421Z",
"dateUpdated": "2026-05-12T11:39:26.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-6387",
"date": "2026-05-27",
"epss": "0.63047",
"percentile": "0.98413"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6387\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-07-01T13:15:06.467\",\"lastModified\":\"2026-05-12T12:17:20.947\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n del controlador de se\u00f1ales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincr\u00f3nica. Sin embargo, este controlador de se\u00f1ales llama a varias funciones que no son seguras para se\u00f1ales as\u00edncronas, por ejemplo, 
syslog().\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-364\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_6200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92EF92CC-8175-4319-A529-AF979BAE5FCE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_6200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17BDC1B0-BE6A-4680-A78E-5338AD709095\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_7200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FCBF1E6-3A6E-430A-AB34-AA48D4478C5F\"}]},{\"operator\":\"OR\",\"nega
te\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_7200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C366A02-074C-4F98-AE68-30E0FF85CD00\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32.0\",\"versionEndIncluding\":\"4.32.1f\",\"matchCriteriaId\":\"A5DA3089-31AA-499E-9C23-788503BE55B7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:23.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602CE21C-E1A9-4407-A504-CF4E58F596F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"BF90B5A4-6E55-4369-B9D4-E7A061E797D2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B93E9A-1483-4FF7-BF45-BD0D7D9F1747\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_6210_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F87F7D08-7A28-493A-96BB-74C142109F8D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_6210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0734D1E1-2F59-4832-875F-AB03994B8992\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_7210_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7592AE3D-D749-4494-9A55-71E2FD9BDFC0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_7210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A15BA659-19D1-49AA-B249-EAE5E63B9B9A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":fals
e,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sma_8200v_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CE83596-82B9-4656-8E50-50D79DF06FB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sma_8200v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68369A76-B0C3-4736-9EE6-4E0034111591\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sonicwall:sra_ex_7000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCF845D8-65AE-4165-9742-B56E86AB7D21\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sonicwall:sra_ex_7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D435EFD-7B02-4921-8AC5-BBF07277F4B2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a1k_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F65C59D-249A-4790-892C-B78CF82E51CF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a1k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E0E9D71-AF09-41F4-A1C7-94F616AF2832\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F7D6B02-55FE-4BF1-8607-A0D703E61055\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0FFEBCB-88AF-4AB2-A347-FB9420D2302A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a90_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550C1E38-56A3-4676-9D28-D66F66BA2FC8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\
"cpe:2.3:h:netapp:a90:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4812740A-7E14-4B43-8E08-3FACA2585B48\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDD92BFA-9117-4E6E-A13F-ED064B4B7284\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7DA42F-5D64-4967-A2D4-6210FE507841\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E73901F-666D-4D8B-BDFD-93DD2F70C74B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0FD5AED-42CF-4918-B32C-D675738EF15C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34B25BEF-8708-4E2C-8BA6-EBCD5267EB04\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE0F11D2-B5D9-46B4-BFC5-C86BC87D516A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04E3BD77-8915-4FFC-8483-5DB5D610F829\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E94ECB-BB51-4364-BEDD-8648C193196F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*\",\"matc
hCriteriaId\":\"9AC7AD92-8B33-4137-A4EC-08641E4AF857\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD443748-B0D1-4C1A-A62E-BD5FB5967370\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1236B66D-EB11-4324-929F-E2B86683C3C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"281DFC67-46BB-4FC2-BE03-3C65C9311F65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECF32BB1-9A58-4821-AE49-5D5C8200631F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F21DE67F-CDFD-4D36-9967-633CD0240C6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB1EC2-2560-494A-A51B-6F20CE318FEB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58DE2B52-4E49-4CD0-9310-00291B0352C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36CECA5-4545-49C2-92EB-B739407B207F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8E7549A-DE35-4274-B3F6-22D51C7A6613\"}]}]},{\"operator\":\"AND\",\"nodes\"
:[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AE3364-DB2D-4543-B1E2-175BF8BEBEE7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B64173B9-2A11-4390-AC76-7DD94F0CD305\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a900_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93B9B933-7D69-4B33-8983-C1CEC000B38B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641290E6-558D-439F-AEBA-8F7BFF3D5C74\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a9500_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAA16D1-1E27-4128-BA14-5A0C59340EAA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1C0A781-C3E2-4B41-8A30-FAD9E826270E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A43965-CB2E-4C28-AFC3-1ADE7A6B845C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a150_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"775078AE-16E0-4AF6-9022-372FC2852107\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"cri
teria\":\"cpe:2.3:h:netapp:a150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D14D7F-E8E5-4669-8DB4-C634D0705EE9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F2D2745-242C-4603-899E-70C9025BDDD2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFB4541D-5EF7-4266-BFF3-2DDEC95E8012\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7FD1DA9-7980-4643-B378-7095892DA176\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"347E9E3E-941C-4109-B59F-B9BB05486B34\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD661062-0D5B-4671-9D92-FEF8D7395C1E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:fas2820_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F997DB9A-AF66-4CE1-B33B-A04493ECBA19\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:fas2820:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E8CD85-6C01-4B70-A1AA-750B46295194\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:bootstrap_os
:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.7.6\",\"matchCriteriaId\":\"EA924D87-8FAE-4E34-83F7-A5E25C7450E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0\",\"versionEndExcluding\":\"13.6.8\",\"matchCriteriaId\":\"7008225C-B5B9-4F87-9392-DD2080717E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0\",\"versionEndExcluding\":\"14.6\",\"matchCriteriaId\":\"51E2E93B-C5A3-4C83-B806-2EC555AD45FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.4\",\"matchCriteriaId\":\"1102FFF5-77B1-400E-93F8-AC6CFE2CC93C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.6\",\"versionEndIncluding\":\"9.8\",\"matchCriteriaId\":\"F45F69D6-7E32-4483-9EFC-63697CDDD22C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C37CBBB-A4AA-40D0-9609-0620FDC12BA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7945F60B-460E-4CA6-9EB4-BEE663386D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:8.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB66ECE1-715A-4074-9355-E3512F7BCDBB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_
platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B03506D7-0FCD-47B7-90F6-DDEEB5C5A733\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01363FFA-F7A6-43FC-8D47-E67F95410095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB056B47-1F45-4CE4-81F6-872F66C24C29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F843B777-5C64-4CAE-80D6-89DC2C9515B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39D345D3-108A-4551-A112-5EE51991411A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09F471C6-69AF-4E78-8143-17E783C80B9F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*
:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"359012F1-2C63-415A-88B8-6726A87830DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"47842532-D2B6-44CB-ADE2-4AC8630A4D8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"21538C5B-A130-411E-B5F7-BBBA4C9D488A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amazon:amazon_linux:2023.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7D34E98-F549-4261-A42D-B37066C638B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.70.2\",\"matchCriteriaId\":\"8C5DA53D-744B-4087-AEA9-257F18949E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A20333EE-4C13-426E-8B54-D78679D5DDB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"5333B745-F7A3-46CB-8437-8668DB08CD6F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMa
tch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87EFA20-DD6B-41C5-98FD-A29F67D2E732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2888B0C1-4D85-42EC-9696-03FAD0A9C28F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"556F4943-7BA4-4E09-94B3-4515DC3C7807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AFEC561-D79B-498B-B59D-1D82B21BDF1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3306F11-D3C0-41D6-BB5E-2ABDC3927715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E584FE1-3A34-492B-B10F-508DA7CBA768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"761B4382-E857-4868-9F80-189B7F60256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"51B17801-15FD-4425-BA6C-BE06B14F1BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9CAFF74-AD36-4D29-83F3-23E0417C485D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A81663-047E-4328-BE3A-CF65AB55B29F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"17DAE911-21E1-4182-85A0-B9F0059DDA7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*\",\"matchCrit
eriaId\":\"ABEA48EC-24EA-4106-9465-CE66B938635F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC8C769C-A23E-4F61-AC42-4DA64421B096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA25530A-133C-4D7C-8993-D5C42D79A0B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"69A72B5A-2189-4700-8E8B-1E5E7CA86C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5771F187-281B-4680-B562-EFC7441A8F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A4437F5-9DDA-4769-974E-23BFA085E0DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C3A3D4-C9F4-41EB-B532-821AF83470B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"878A1F0A-087F-47D7-9CA5-A54BB8D6676A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"50A5E650-31FB-45BE-8827-641B58A83E45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"038E5B85-7F60-4D71-8D3F-EDBF6E036CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF309824-D379-4749-A1FA-BCB2987DD671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:
o:freebsd:freebsd:14.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79D770C6-7A57-4A49-8164-C55391F62301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA813990-8C8F-4EE8-9F2B-9F73C510A7B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.0.0\",\"matchCriteriaId\":\"A6A2EBE8-012E-470E-9E56-56ACBE345F78\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4312\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4340\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4389\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4469\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4474\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4479\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4484\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-6387\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-9.8\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release 
Notes\",\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Jul/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Jul/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Jul/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/02/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/03/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing 
List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/04/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/08/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/08/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/09/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/09/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/11/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/11/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing 
List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/23/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/23/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/28/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4469\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third 
Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://explore.alas.aws.amazon.com/CVE-2024-6387.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/AlmaLinux/updates/issues/629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Azure/AKS/issues/4379\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/PowerShell/Win32-OpenSSH/issues/2249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/microsoft/azurelinux/issues/9555\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue 
Tracking\"]},{\"url\":\"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/oracle/oracle-linux/issues/149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/rapier1/hpn-ssh/issues/87\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/zgzhang/cve-2024-6387-poc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://news.ycombinator.com/item?id=40843778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://packetstorm.news/files/id/190587/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240701-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sig-security.rocky.page/issues/CVE-2024-6387/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT214120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://ubuntu.com/security/CVE-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6859-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/52269\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-9.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.suse.com/security/cve/CVE-2024-6387.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.theregister.com/2024/07/01/regresshion_openssh/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-446545.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387\"}, {\"url\": \"https://www.exploit-db.com/exploits/52269\"}, {\"url\": \"https://packetstorm.news/files/id/190587/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/13\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/02/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/11\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/03/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/04/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/04/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/08/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/08/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/09/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/09/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/1\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"http://www.openwall.com/lists/oss-security/2024/07/10/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/11/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/11/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/23/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/28/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/28/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4312\", \"name\": \"RHSA-2024:4312\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4340\", \"name\": \"RHSA-2024:4340\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4389\", \"name\": \"RHSA-2024:4389\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4469\", \"name\": \"RHSA-2024:4469\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4474\", \"name\": \"RHSA-2024:4474\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4479\", \"name\": \"RHSA-2024:4479\", \"tags\": [\"vendor-advisory\", 
\"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4484\", \"name\": \"RHSA-2024:4484\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-6387\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\", \"name\": \"RHBZ#2294604\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://explore.alas.aws.amazon.com/CVE-2024-6387.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/AlmaLinux/updates/issues/629\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/4379\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/discussions/2248\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2249\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/azurelinux/issues/9555\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"https://github.com/oracle/oracle-linux/issues/149\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/issues/87\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/zgzhang/cve-2024-6387-poc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=40843778\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2024-6387\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240701-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://sig-security.rocky.page/issues/CVE-2024-6387/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2024-6387\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6859-1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.suse.com/security/cve/CVE-2024-6387.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2024/07/01/regresshion_openssh/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214119\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214118\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/20\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/18\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Jul/19\", \"tags\": [\"x_transferred\"]}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-04-24T18:35:27.934Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6387\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-02T13:18:34.695298Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-02T13:18:43.278Z\"}}], \"cna\": {\"title\": \"Openssh: regresshion - race condition in ssh allows rce/dos\", \"credits\": [{\"lang\": 
\"en\", \"value\": \"Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"repo\": \"https://anongit.mindrot.org/openssh.git\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.5p1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.7p1\"}], \"packageName\": \"OpenSSH\", \"collectionURL\": \"https://www.openssh.com/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-38.el9_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-38.el9_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": 
[\"cpe:/a:redhat:rhel_e4s:9.0::appstream\", \"cpe:/o:redhat:rhel_e4s:9.0::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-12.el9_0.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.2::baseos\", \"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.7p1-30.el9_2.4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el9\", \"cpe:/a:redhat:openshift:4.13::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"413.92.202407091321-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"414.92.202407091253-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 
4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"415.92.202407091355-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"416.94.202407081958-0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhcos\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 7\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": 
\"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"openssh\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-06-27T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-07-01T08:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-07-01T08:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:4312\", \"name\": \"RHSA-2024:4312\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4340\", \"name\": \"RHSA-2024:4340\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4389\", \"name\": \"RHSA-2024:4389\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4469\", \"name\": \"RHSA-2024:4469\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4474\", \"name\": \"RHSA-2024:4474\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4479\", \"name\": \"RHSA-2024:4479\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4484\", \"name\": \"RHSA-2024:4484\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-6387\", \"tags\": [\"vdb-entry\", 
\"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2294604\", \"name\": \"RHBZ#2294604\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://santandersecurityresearch.github.io/blog/sshing_the_masses.html\"}, {\"url\": \"https://www.openssh.com/txt/release-9.8\"}, {\"url\": \"https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\\n\\n1) As root user, open the /etc/ssh/sshd_config\\n2) Add or edit the parameter configuration:\\n~~~\\nLoginGraceTime 0\\n~~~\\n3) Save and close the file\\n4) Restart the sshd daemon:\\n~~~\\nsystemctl restart sshd.service\\n~~~\\n\\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\\n\\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. 
An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-364\", \"description\": \"Signal Handler Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-12-11T06:17:03.387Z\"}, \"x_redhatCweChain\": \"CWE-364: Signal Handler Race Condition\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6387\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-11T06:17:03.387Z\", \"dateReserved\": \"2024-06-27T13:41:03.421Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-07-01T12:37:25.431Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2024:2275-2
Vulnerability from csaf_suse - Published: 2024-07-03 21:59 - Updated: 2024-07-03 21:59

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64 | — | Vendor Fix | |

{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2275,openSUSE-SLE-15.6-2024-2275",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2275-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2275-2",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242275-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2275-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-July/035819.html"
},
{
"category": "self",
"summary": "SUSE Bug 1226642",
"url": "https://bugzilla.suse.com/1226642"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6387 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6387/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2024-07-03T21:59:21Z",
"generator": {
"date": "2024-07-03T21:59:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2275-2",
"initial_release_date": "2024-07-03T21:59:21Z",
"revision_history": [
{
"date": "2024-07-03T21:59:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-cavs-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-clients-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-clients-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-common-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-common-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-fips-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-fips-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-helpers-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-server-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-server-9.6p1-150600.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64",
"product": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64",
"product_id": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-askpass-gnome-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-cavs-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-clients-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-clients-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-common-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-common-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-fips-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-fips-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-helpers-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-server-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-server-9.6p1-150600.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.i586",
"product": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.i586",
"product_id": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-cavs-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-clients-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-clients-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-common-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-common-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-fips-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-fips-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-helpers-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-server-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-server-9.6p1-150600.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le",
"product": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le",
"product_id": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-cavs-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-clients-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-clients-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-common-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-common-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-fips-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-fips-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-helpers-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-server-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-server-9.6p1-150600.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x",
"product": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x",
"product_id": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-cavs-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-clients-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-clients-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-common-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-common-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-fips-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-fips-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-helpers-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-server-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-server-9.6p1-150600.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64",
"product": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64",
"product_id": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-cavs-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-cavs-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-cavs-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-cavs-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-clients-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-clients-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-clients-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-clients-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-common-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-common-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-common-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-common-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-fips-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-fips-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-fips-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-fips-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-helpers-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-helpers-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-helpers-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-helpers-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-server-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-server-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-server-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-server-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64"
},
"product_reference": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le"
},
"product_reference": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x"
},
"product_reference": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64"
},
"product_reference": "openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6387"
}
],
"notes": [
{
"category": "general",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6387",
"url": "https://www.suse.com/security/cve/CVE-2024-6387"
},
{
"category": "external",
"summary": "SUSE Bug 1226641 for CVE-2024-6387",
"url": "https://bugzilla.suse.com/1226641"
},
{
"category": "external",
"summary": "SUSE Bug 1226642 for CVE-2024-6387",
"url": "https://bugzilla.suse.com/1226642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-askpass-gnome-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-cavs-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-clients-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-common-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-fips-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-helpers-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-server-9.6p1-150600.6.3.1.x86_64",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.aarch64",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.ppc64le",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.s390x",
"openSUSE Leap 15.6:openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-03T21:59:21Z",
"details": "important"
}
],
"title": "CVE-2024-6387"
}
]
}
SUSE-SU-2025:20009-1
Vulnerability from csaf_suse - Published: 2025-02-03 08:47 - Updated: 2025-02-03 08:47
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64 | — | | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318)\n- CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-8",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20009-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20009-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520009-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20009-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021369.html"
},
{
"category": "self",
"summary": "SUSE Bug 1217950",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "self",
"summary": "SUSE Bug 1218215",
"url": "https://bugzilla.suse.com/1218215"
},
{
"category": "self",
"summary": "SUSE Bug 1226642",
"url": "https://bugzilla.suse.com/1226642"
},
{
"category": "self",
"summary": "SUSE Bug 1227318",
"url": "https://bugzilla.suse.com/1227318"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51385 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6387 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6387/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2025-02-03T08:47:06Z",
"generator": {
"date": "2025-02-03T08:47:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20009-1",
"initial_release_date": "2025-02-03T08:47:06Z",
"revision_history": [
{
"date": "2025-02-03T08:47:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-2.1.aarch64",
"product": {
"name": "openssh-9.6p1-2.1.aarch64",
"product_id": "openssh-9.6p1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-2.1.aarch64",
"product": {
"name": "openssh-clients-9.6p1-2.1.aarch64",
"product_id": "openssh-clients-9.6p1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-2.1.aarch64",
"product": {
"name": "openssh-common-9.6p1-2.1.aarch64",
"product_id": "openssh-common-9.6p1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-2.1.aarch64",
"product": {
"name": "openssh-fips-9.6p1-2.1.aarch64",
"product_id": "openssh-fips-9.6p1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-2.1.aarch64",
"product": {
"name": "openssh-server-9.6p1-2.1.aarch64",
"product_id": "openssh-server-9.6p1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"product_id": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-2.1.s390x",
"product": {
"name": "openssh-9.6p1-2.1.s390x",
"product_id": "openssh-9.6p1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-2.1.s390x",
"product": {
"name": "openssh-clients-9.6p1-2.1.s390x",
"product_id": "openssh-clients-9.6p1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-2.1.s390x",
"product": {
"name": "openssh-common-9.6p1-2.1.s390x",
"product_id": "openssh-common-9.6p1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-2.1.s390x",
"product": {
"name": "openssh-fips-9.6p1-2.1.s390x",
"product_id": "openssh-fips-9.6p1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-2.1.s390x",
"product": {
"name": "openssh-server-9.6p1-2.1.s390x",
"product_id": "openssh-server-9.6p1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"product_id": "openssh-server-config-rootlogin-9.6p1-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-2.1.x86_64",
"product": {
"name": "openssh-9.6p1-2.1.x86_64",
"product_id": "openssh-9.6p1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-2.1.x86_64",
"product": {
"name": "openssh-clients-9.6p1-2.1.x86_64",
"product_id": "openssh-clients-9.6p1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-2.1.x86_64",
"product": {
"name": "openssh-common-9.6p1-2.1.x86_64",
"product_id": "openssh-common-9.6p1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-2.1.x86_64",
"product": {
"name": "openssh-fips-9.6p1-2.1.x86_64",
"product_id": "openssh-fips-9.6p1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-2.1.x86_64",
"product": {
"name": "openssh-server-9.6p1-2.1.x86_64",
"product_id": "openssh-server-9.6p1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64",
"product_id": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64"
},
"product_reference": "openssh-9.6p1-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x"
},
"product_reference": "openssh-9.6p1-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64"
},
"product_reference": "openssh-9.6p1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64"
},
"product_reference": "openssh-clients-9.6p1-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x"
},
"product_reference": "openssh-clients-9.6p1-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64"
},
"product_reference": "openssh-clients-9.6p1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64"
},
"product_reference": "openssh-common-9.6p1-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x"
},
"product_reference": "openssh-common-9.6p1-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64"
},
"product_reference": "openssh-common-9.6p1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64"
},
"product_reference": "openssh-fips-9.6p1-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x"
},
"product_reference": "openssh-fips-9.6p1-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64"
},
"product_reference": "openssh-fips-9.6p1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64"
},
"product_reference": "openssh-server-9.6p1-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x"
},
"product_reference": "openssh-server-9.6p1-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64"
},
"product_reference": "openssh-server-9.6p1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-2.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:06Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51385"
}
],
"notes": [
{
"category": "general",
"text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51385",
"url": "https://www.suse.com/security/cve/CVE-2023-51385"
},
{
"category": "external",
"summary": "SUSE Bug 1218215 for CVE-2023-51385",
"url": "https://bugzilla.suse.com/1218215"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-51385",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2024-39894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39894"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39894",
"url": "https://www.suse.com/security/cve/CVE-2024-39894"
},
{
"category": "external",
"summary": "SUSE Bug 1227318 for CVE-2024-39894",
"url": "https://bugzilla.suse.com/1227318"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:06Z",
"details": "moderate"
}
],
"title": "CVE-2024-39894"
},
{
"cve": "CVE-2024-6387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6387"
}
],
"notes": [
{
"category": "general",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6387",
"url": "https://www.suse.com/security/cve/CVE-2024-6387"
},
{
"category": "external",
"summary": "SUSE Bug 1226641 for CVE-2024-6387",
"url": "https://bugzilla.suse.com/1226641"
},
{
"category": "external",
"summary": "SUSE Bug 1226642 for CVE-2024-6387",
"url": "https://bugzilla.suse.com/1226642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-clients-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-common-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-fips-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-9.6p1-2.1.x86_64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.aarch64",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.s390x",
"SUSE Linux Micro 6.0:openssh-server-config-rootlogin-9.6p1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:06Z",
"details": "important"
}
],
"title": "CVE-2024-6387"
}
]
}
VDE-2024-040
Vulnerability from csaf_trumpfsecokg - Published: 2024-06-25 10:00 - Updated: 2025-04-10 13:00
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — | ||
| Unresolved product id: CSAFPID-32010 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31002 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31003 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31004 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31005 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31006 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31007 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31008 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31009 | — | Vendor Fix | |
| Unresolved product id: CSAFPID-31010 | — | Vendor Fix | |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "TruControl laser control software prior to version 1.60.0 uses an OpenSSH server version affected by CVE-2024-6387. The affected OpenSSH Server version could potentially lead to a remote code execution.",
"title": "Summary"
},
{
"category": "description",
"text": "To be able to exploit this vulnerability the attacker first needs to gain any kind of network access to the system.\nThe remote code execution vulnerability enables the attacker a potential access into the laser control system which could lead to following possible impacts/damages to the system: \n* Data loss in the laser control \n* Standstill of production \nDamage by change of the laser control\nSafety is not affected since it is controlled by an independent electromechanical safety mechanism.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the newest release 4.04.0 of the TruControl software version \nPlease contact your service partner (service.tls@trumpf.com) for instructions on how to get automatically informed for the newest major release 4.04.0 of the TruControl software version ",
"title": "Remediation"
},
{
"category": "general",
"text": "Securing the production network. \nIn case of doubt please disconnect the laser completely from network.",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "product.security@trumpf.com",
"name": "Trumpf SE + Co. KG",
"namespace": "https://www.trumpf.com"
},
"references": [
{
"category": "external",
"summary": "TRUMPF Laser SE - PSIRT",
"url": "https://www.trumpf.com/en_US/meta/security-with-trumpf/security-advisories/"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for TRUMPF Laser",
"url": "https://certvde.com/en/advisories/vendor/trumpf-laser/"
},
{
"category": "self",
"summary": "VDE-2024-040: Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-040/"
},
{
"category": "self",
"summary": "VDE-2024-040: Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities - CSAF",
"url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-040.json"
}
],
"title": "Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities",
"tracking": {
"aliases": [
"VDE-2024-040"
],
"current_release_date": "2025-04-10T13:00:00.000Z",
"generator": {
"date": "2024-11-14T11:10:05.793Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.13"
}
},
"id": "VDE-2024-040",
"initial_release_date": "2024-06-25T10:00:00.000Z",
"revision_history": [
{
"date": "2024-06-25T10:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2024-11-06T11:27:01.000Z",
"number": "2",
"summary": "Fix: correct certvde domain, added self-reference"
},
{
"date": "2024-11-14T12:00:00.000Z",
"number": "3",
"summary": "removed issuing authority as it is the same as the publisher"
},
{
"date": "2025-04-10T13:00:00.000Z",
"number": "4",
"summary": "Fixed CSAF self-reference URL"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "TruPulse",
"product": {
"name": "TruPulse",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "TruDisk",
"product": {
"name": "TruDisk",
"product_id": "CSAFPID-11002"
}
},
{
"category": "product_name",
"name": "TruDiode",
"product": {
"name": "TruDiode",
"product_id": "CSAFPID-11003"
}
},
{
"category": "product_name",
"name": "TruMicro 2000",
"product": {
"name": "TruMicro 2000",
"product_id": "CSAFPID-11004"
}
},
{
"category": "product_name",
"name": "TruMicro 5000",
"product": {
"name": "TruMicro 5000",
"product_id": "CSAFPID-11005"
}
},
{
"category": "product_name",
"name": "TruMicro 6000",
"product": {
"name": "TruMicro 6000",
"product_id": "CSAFPID-11006"
}
},
{
"category": "product_name",
"name": "TruMicro 7000",
"product": {
"name": "TruMicro 7000",
"product_id": "CSAFPID-11007"
}
},
{
"category": "product_name",
"name": "TruMicro 8000",
"product": {
"name": "TruMicro 8000",
"product_id": "CSAFPID-11008"
}
},
{
"category": "product_name",
"name": "TruMicro 9000",
"product": {
"name": "TruMicro 9000",
"product_id": "CSAFPID-11009"
}
},
{
"category": "product_name",
"name": "redpowerDirect",
"product": {
"name": "redpowerDirect",
"product_id": "CSAFPID-11010"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.60.0",
"product": {
"name": "Firmware TruControl \u003c1.60.0",
"product_id": "CSAFPID-51002"
}
},
{
"category": "product_version",
"name": "1.60.0",
"product": {
"name": "Firmware TruControl 1.60.0",
"product_id": "CSAFPID-52001"
}
}
],
"category": "product_name",
"name": "TruControl"
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "TRUMPF Laser SE"
}
],
"product_groups": [
{
"group_id": "CSAFGID-61001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
],
"summary": "Affected products"
},
{
"group_id": "CSAFGID-62001",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010"
],
"summary": "Fixed products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruPulse",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruDisk",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruDiode",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruMicro 2000",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruMicro 5000",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruMicro 6000",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruMicro 7000",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruMicro 8000",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on TruMicro 9000",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl \u003c1.60.0 installed on redpowerDirect",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruPulse",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruDisk",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruDiode",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruMicro 2000",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruMicro 5000",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruMicro 6000",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruMicro 7000",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruMicro 8000",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on TruMicro 9000",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware TruControl 1.60.0 installed on redpowerDirect",
"product_id": "CSAFPID-32010"
},
"product_reference": "CSAFPID-52001",
"relates_to_product_reference": "CSAFPID-11010"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"organization": "Qualys Research Labs"
}
],
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
},
{
"audience": "operational management and system administrators",
"category": "details",
"text": "The affected OpenSSH Server version could potentially lead to a remote code execution.",
"title": "Vulnerability characterisation"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-25T10:00:00.000Z",
"details": "Update to first fixed version 1.06.00 or ideally to the newest release 04.04.00",
"entitlements": [
"\u2022\tPlease contact your service partner (service.tls@trumpf.com) for instructions on how to get automatically informed for the new major release 4.04.0 of the TruControl software version \n"
],
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
],
"restart_required": {
"category": "system"
}
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-6387"
}
]
}
VDE-2024-042
Vulnerability from csaf_mbconnectlinegmbh - Published: 2023-08-17 12:00 - Updated: 2023-08-17 12:00
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| mbCONNECT24 2.16.1<br>Red Lion Europe / Software / mbCONNECT24 | 2.16.1 | | |
| mbNET 8.2.0<br>Red Lion Europe / Software / mbNET | 8.2.0 | | |
| mbNET.rokey 8.2.0<br>Red Lion Europe / Software / mbNET.rokey | 8.2.0 | | |
| mymbCONNECT24 2.16.1<br>Red Lion Europe / Software / mymbCONNECT24 | 2.16.1 | | |
| mbCONNECT24 2.16.1<br>MB connect line / Software / mbCONNECT24 | 2.16.1 | | |
| mbNET 8.2.0<br>MB connect line / Software / mbNET | 8.2.0 | | |
| mbNET.rokey 8.2.0<br>MB connect line / Software / mbNET.rokey | 8.2.0 | | |
| mymbCONNECT24 2.16.1<br>MB connect line / Software / mymbCONNECT24 | 2.16.1 | | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| mbCONNECT24 <2.16.1<br>Red Lion Europe / Software / mbCONNECT24 | <2.16.1 | | |
| mbNET 8.0.0<8.2.0<br>Red Lion Europe / Software / mbNET | 8.0.0<8.2.0 | | |
| mbNET.rokey 8.0.0<8.2.0<br>Red Lion Europe / Software / mbNET.rokey | 8.0.0<8.2.0 | | |
| mymbCONNECT24 <2.16.1<br>Red Lion Europe / Software / mymbCONNECT24 | <2.16.1 | | |
| mbCONNECT24 <2.16.1<br>MB connect line / Software / mbCONNECT24 | <2.16.1 | | |
| mbNET 8.0.0<8.2.0<br>MB connect line / Software / mbNET | 8.0.0<8.2.0 | | |
| mbNET.rokey 8.0.0<8.2.0<br>MB connect line / Software / mbNET.rokey | 8.0.0<8.2.0 | | |
| mymbCONNECT24 <2.16.1<br>MB connect line / Software / mymbCONNECT24 | <2.16.1 | | |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Several Red Lion Europe products are vulnerable to a possible race condition vulnerability in OpenSSH named \"regreSSHion\".",
"title": "Summary"
},
{
"category": "description",
"text": "Possible full system compromise where an attacker can execute arbitrary code with the highest privileges.",
"title": "Impact"
},
{
"category": "description",
"text": "Prevent all access to the sshd daemon listening on port 22.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update to latest firmware:\n\n2.16.1 for mbCONNECT24/mymbCONNECT24\n8.2.0 for mbNET/mbNET.rokey",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security-team@mbconnectline.de",
"name": "MB connect line GmbH",
"namespace": "https://mbconnectline.com"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for MB connect line GmbH",
"url": "https://certvde.com/en/advisories/vendor/mbconnectline/"
},
{
"category": "self",
"summary": "VDE-2024-042: MB connect line: Multiple products are vulnerable to regreSSHion - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-042/"
},
{
"category": "self",
"summary": "VDE-2024-042: MB connect line: Multiple products are vulnerable to regreSSHion - CSAF",
"url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2024-042.json"
}
],
"title": "MB connect line: Multiple products are vulnerable to regreSSHion",
"tracking": {
"aliases": [
"VDE-2024-042"
],
"current_release_date": "2023-08-17T12:00:00.000Z",
"generator": {
"date": "2025-06-12T08:19:54.167Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.27"
}
},
"id": "VDE-2024-042",
"initial_release_date": "2023-08-17T12:00:00.000Z",
"revision_history": [
{
"date": "2023-08-17T12:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.16.1",
"product": {
"name": "mbCONNECT24 \u003c2.16.1",
"product_id": "CSAFPID-51001"
}
},
{
"category": "product_version",
"name": "2.16.1",
"product": {
"name": "mbCONNECT24 2.16.1",
"product_id": "CSAFPID-52001"
}
}
],
"category": "product_name",
"name": "mbCONNECT24"
},
{
"branches": [
{
"category": "product_version_range",
"name": "8.0.0\u003c8.2.0",
"product": {
"name": "mbNET 8.0.0\u003c8.2.0",
"product_id": "CSAFPID-51002"
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "mbNET 8.2.0",
"product_id": "CSAFPID-52002"
}
}
],
"category": "product_name",
"name": "mbNET"
},
{
"branches": [
{
"category": "product_version_range",
"name": "8.0.0\u003c8.2.0",
"product": {
"name": "mbNET.rokey 8.0.0\u003c8.2.0",
"product_id": "CSAFPID-51003"
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "mbNET.rokey 8.2.0",
"product_id": "CSAFPID-52003"
}
}
],
"category": "product_name",
"name": "mbNET.rokey"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.16.1",
"product": {
"name": "mymbCONNECT24 \u003c2.16.1",
"product_id": "CSAFPID-51004"
}
},
{
"category": "product_version",
"name": "2.16.1",
"product": {
"name": "mymbCONNECT24 2.16.1",
"product_id": "CSAFPID-52004"
}
}
],
"category": "product_name",
"name": "mymbCONNECT24"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Red Lion Europe"
},
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.16.1",
"product": {
"name": "mbCONNECT24 \u003c2.16.1",
"product_id": "CSAFPID-51005"
}
},
{
"category": "product_version",
"name": "2.16.1",
"product": {
"name": "mbCONNECT24 2.16.1",
"product_id": "CSAFPID-52005"
}
}
],
"category": "product_name",
"name": "mbCONNECT24"
},
{
"branches": [
{
"category": "product_version_range",
"name": "8.0.0\u003c8.2.0",
"product": {
"name": "mbNET 8.0.0\u003c8.2.0",
"product_id": "CSAFPID-51006"
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "mbNET 8.2.0",
"product_id": "CSAFPID-52006"
}
}
],
"category": "product_name",
"name": "mbNET"
},
{
"branches": [
{
"category": "product_version_range",
"name": "8.0.0\u003c8.2.0",
"product": {
"name": "mbNET.rokey 8.0.0\u003c8.2.0",
"product_id": "CSAFPID-51007"
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "mbNET.rokey 8.2.0",
"product_id": "CSAFPID-52007"
}
}
],
"category": "product_name",
"name": "mbNET.rokey"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.16.1",
"product": {
"name": "mymbCONNECT24 \u003c2.16.1",
"product_id": "CSAFPID-51008"
}
},
{
"category": "product_version",
"name": "2.16.1",
"product": {
"name": "mymbCONNECT24 2.16.1",
"product_id": "CSAFPID-52008"
}
}
],
"category": "product_name",
"name": "mymbCONNECT24"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "MB connect line"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003",
"CSAFPID-51004",
"CSAFPID-51005",
"CSAFPID-51006",
"CSAFPID-51007",
"CSAFPID-51008"
],
"summary": "Affected products "
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-52001",
"CSAFPID-52002",
"CSAFPID-52003",
"CSAFPID-52004",
"CSAFPID-52005",
"CSAFPID-52006",
"CSAFPID-52007",
"CSAFPID-52008"
],
"summary": "Fixed products"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001",
"CSAFPID-52002",
"CSAFPID-52003",
"CSAFPID-52004",
"CSAFPID-52005",
"CSAFPID-52006",
"CSAFPID-52007",
"CSAFPID-52008"
],
"known_affected": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003",
"CSAFPID-51004",
"CSAFPID-51005",
"CSAFPID-51006",
"CSAFPID-51007",
"CSAFPID-51008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Prevent all access to the sshd daemon listening on port 22.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest firmware:\n\n2.16.1 for mbCONNECT24/mymbCONNECT24\n8.2.0 for mbNET/mbNET.rokey",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003",
"CSAFPID-51004",
"CSAFPID-51005",
"CSAFPID-51006",
"CSAFPID-51007",
"CSAFPID-51008"
]
}
],
"title": "CVE-2024-6387"
}
]
}
VDE-2024-043
Vulnerability from csaf_welotecgmbh - Published: 2024-08-22 06:00 - Updated: 2024-08-22 06:00
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — | ||
| Unresolved product id: CSAFPID-32010 | — | ||
| Unresolved product id: CSAFPID-32011 | — | ||
| Unresolved product id: CSAFPID-32012 | — | ||
| Unresolved product id: CSAFPID-32013 | — | ||
| Unresolved product id: CSAFPID-32014 | — | ||
| Unresolved product id: CSAFPID-32015 | — | ||
| Unresolved product id: CSAFPID-32016 | — | ||
| Unresolved product id: CSAFPID-32017 | — | ||
| Unresolved product id: CSAFPID-32018 | — | ||
| Unresolved product id: CSAFPID-32019 | — | ||
| Unresolved product id: CSAFPID-32020 | — | ||
| Unresolved product id: CSAFPID-32021 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — | ||
| Unresolved product id: CSAFPID-31011 | — | ||
| Unresolved product id: CSAFPID-31012 | — | ||
| Unresolved product id: CSAFPID-31013 | — | ||
| Unresolved product id: CSAFPID-31014 | — | ||
| Unresolved product id: CSAFPID-31015 | — | ||
| Unresolved product id: CSAFPID-31016 | — | ||
| Unresolved product id: CSAFPID-31017 | — | ||
| Unresolved product id: CSAFPID-31018 | — | ||
| Unresolved product id: CSAFPID-31019 | — | ||
| Unresolved product id: CSAFPID-31020 | — | ||
| Unresolved product id: CSAFPID-31021 | — |
| URL | Category |
|---|---|
| https://certvde.com/en/advisories/VDE-2024-043/ | self |
| https://welotec.csaf-tp.certvde.com/.well-known/c… | self |
| https://welotec.com | external |
| https://certvde.com/en/advisories/vendor/welotec/ | external |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"organization": "Qualys Threat Research Unit (TRU)",
"summary": "reporting"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Products from the Edge Gateway Family are affected by recently published so called RegreSSHion vulnerability.",
"title": "Summary"
},
{
"category": "description",
"text": "The vulnerability can lead to unauthenticated remote code execution.",
"title": "Impact"
},
{
"category": "description",
"text": "Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update egOS on affected products to version v1.5.4",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@welotec.com",
"name": "Welotec GmbH",
"namespace": "https://welotec.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2024-043: Welotec: Multiple products are vulnerable to regreSSHion - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-043/"
},
{
"category": "self",
"summary": "VDE-2024-043: Welotec: Multiple products are vulnerable to regreSSHion - CSAF",
"url": "https://welotec.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-043.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://welotec.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Welotec GmbH",
"url": "https://certvde.com/en/advisories/vendor/welotec/"
}
],
"title": "Welotec: Multiple products are vulnerable to regreSSHion",
"tracking": {
"aliases": [
"VDE-2024-043"
],
"current_release_date": "2024-08-22T06:00:00.000Z",
"generator": {
"date": "2025-04-14T08:39:21.553Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.23"
}
},
"id": "VDE-2024-043",
"initial_release_date": "2024-08-22T06:00:00.000Z",
"revision_history": [
{
"date": "2024-08-22T06:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EG500Mk2-A11001-000101",
"product": {
"name": "EG500Mk2-A11001-000101",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"WEG500100170"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-A11001-000201",
"product": {
"name": "EG500Mk2-A11001-000201",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"WEG500100290"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-A11101-000101",
"product": {
"name": "EG500Mk2-A11101-000101",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"WEG500100160"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-A12011-000101",
"product": {
"name": "EG500Mk2-A12011-000101",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"WEG500100280"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-B11001-000101",
"product": {
"name": "EG500Mk2-B11001-000101",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"WEG500100190"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-B11101-000101",
"product": {
"name": "EG500Mk2-B11101-000101",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"WEG500100180"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-C11001-000101",
"product": {
"name": "EG500Mk2-C11001-000101",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"WEG500100270"
]
}
}
},
{
"category": "product_name",
"name": "EG500Mk2-C11101-000101",
"product": {
"name": "EG500Mk2-C11101-000101",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"WEG500100260"
]
}
}
},
{
"category": "product_name",
"name": "EG503L",
"product": {
"name": "EG503L",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"WEG500100020"
]
}
}
},
{
"category": "product_name",
"name": "EG503L_4GB",
"product": {
"name": "EG503L_4GB",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"WEG500100040"
]
}
}
},
{
"category": "product_name",
"name": "EG503L-G",
"product": {
"name": "EG503L-G",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"WEG500100130"
]
}
}
},
{
"category": "product_name",
"name": "EG503W",
"product": {
"name": "EG503W",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"WEG500100010"
]
}
}
},
{
"category": "product_name",
"name": "EG503W_4GB",
"product": {
"name": "EG503W_4GB",
"product_id": "CSAFPID-11013",
"product_identification_helper": {
"model_numbers": [
"WEG500100030"
]
}
}
},
{
"category": "product_name",
"name": "EG602L",
"product": {
"name": "EG602L",
"product_id": "CSAFPID-11014",
"product_identification_helper": {
"model_numbers": [
"WEG600100020"
]
}
}
},
{
"category": "product_name",
"name": "EG602W",
"product": {
"name": "EG602W",
"product_id": "CSAFPID-11015",
"product_identification_helper": {
"model_numbers": [
"WEG600100010"
]
}
}
},
{
"category": "product_name",
"name": "EG603L Mk2",
"product": {
"name": "EG603L Mk2",
"product_id": "CSAFPID-11016",
"product_identification_helper": {
"model_numbers": [
"WEG600100050"
]
}
}
},
{
"category": "product_name",
"name": "EG603W Mk2",
"product": {
"name": "EG603W Mk2",
"product_id": "CSAFPID-11017",
"product_identification_helper": {
"model_numbers": [
"WEG600100040"
]
}
}
},
{
"category": "product_name",
"name": "EG802W",
"product": {
"name": "EG802W",
"product_id": "CSAFPID-11018",
"product_identification_helper": {
"model_numbers": [
"WEG800100010"
]
}
}
},
{
"category": "product_name",
"name": "EG802W_i7_512GB_DinRail",
"product": {
"name": "EG802W_i7_512GB_DinRail",
"product_id": "CSAFPID-11019",
"product_identification_helper": {
"model_numbers": [
"WEG800100040"
]
}
}
},
{
"category": "product_name",
"name": "EG802W_i7_512GB_w/o DinRail",
"product": {
"name": "EG802W_i7_512GB_w/o DinRail",
"product_id": "CSAFPID-11020",
"product_identification_helper": {
"model_numbers": [
"WEG800100050"
]
}
}
},
{
"category": "product_name",
"name": "EG804W",
"product": {
"name": "EG804W",
"product_id": "CSAFPID-11021",
"product_identification_helper": {
"model_numbers": [
"WEG800100020"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=v1.5.3",
"product": {
"name": "Firmware \u003c=v1.5.3",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "v1.5.4",
"product": {
"name": "Firmware v1.5.4",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Welotec"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016",
"CSAFPID-32017",
"CSAFPID-32018",
"CSAFPID-32019",
"CSAFPID-32020",
"CSAFPID-32021"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A11001-000101",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A11001-000201",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A11101-000101",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-A12011-000101",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-B11001-000101",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-B11101-000101",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-C11001-000101",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG500Mk2-C11101-000101",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG503L",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG503L_4GB",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG503L-G",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG503W",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG503W_4GB",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG602L",
"product_id": "CSAFPID-31014"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG602W",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG603L Mk2",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG603W Mk2",
"product_id": "CSAFPID-31017"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG802W",
"product_id": "CSAFPID-31018"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG802W_i7_512GB_DinRail",
"product_id": "CSAFPID-31019"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG802W_i7_512GB_w/o DinRail",
"product_id": "CSAFPID-31020"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=v1.5.3 installed on EG804W",
"product_id": "CSAFPID-31021"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11021"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-A11001-000101",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-A11001-000201",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-A11101-000101",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-A12011-000101",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-B11001-000101",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-B11101-000101",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-C11001-000101",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG500Mk2-C11101-000101",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG503L",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG503L_4GB",
"product_id": "CSAFPID-32010"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG503L-G",
"product_id": "CSAFPID-32011"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG503W",
"product_id": "CSAFPID-32012"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG503W_4GB",
"product_id": "CSAFPID-32013"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG602L",
"product_id": "CSAFPID-32014"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG602W",
"product_id": "CSAFPID-32015"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG603L Mk2",
"product_id": "CSAFPID-32016"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG603W Mk2",
"product_id": "CSAFPID-32017"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG802W",
"product_id": "CSAFPID-32018"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG802W_i7_512GB_DinRail",
"product_id": "CSAFPID-32019"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG802W_i7_512GB_w/o DinRail",
"product_id": "CSAFPID-32020"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware v1.5.4 installed on EG804W",
"product_id": "CSAFPID-32021"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11021"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016",
"CSAFPID-32017",
"CSAFPID-32018",
"CSAFPID-32019",
"CSAFPID-32020",
"CSAFPID-32021"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update egOS on affected products to version v1.5.4",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021"
]
}
],
"title": "CVE-2024-6387"
}
]
}
VDE-2024-044
Vulnerability from csaf_helmholzgmbhcokg - Published: 2024-07-31 08:00 - Updated: 2025-05-14 12:28
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| URL | Category |
|---|---|
| https://www.helmholz.de | external |
| https://certvde.com/en/advisories/vendor/helmholz/ | external |
| https://certvde.com/en/advisories/VDE-2024-044/ | self |
| https://helmholz.csaf-tp.certvde.com/.well-known/… | self |
{
"document": {
"acknowledgments": [
{
"organization": "CERTVDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Several Helmholz products are vulnerable to a possible race condition vulnerability in OpenSSH named \"regreSSHion\".",
"title": "Summary"
},
{
"category": "description",
"text": "Possible full system compromise where an attacker can execute arbitrary code with the highest privileges.",
"title": "Impact"
},
{
"category": "description",
"text": "Prevent all access to the sshd daemon listening on port 22.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update to latest firmware: \n\n * 2.16.1 for myREX24 V2/myREX24 V2 virtual \n * 8.2.0 for REX200/REX250",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@helmholz.de",
"name": "Helmholz GmbH \u0026 Co. KG",
"namespace": "https://www.helmholz.de"
},
"references": [
{
"category": "external",
"summary": "psirt@helmholz.de",
"url": "https://www.helmholz.de"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories",
"url": "https://certvde.com/en/advisories/vendor/helmholz/"
},
{
"category": "self",
"summary": "VDE-2024-044: Helmholz: Multiple products are vulnerable to regreSSHion - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-044/"
},
{
"category": "self",
"summary": "VDE-2024-044: Helmholz: Multiple products are vulnerable to regreSSHion - CSAF",
"url": "https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-044.json"
}
],
"title": "Helmholz: Multiple products are vulnerable to regreSSHion",
"tracking": {
"aliases": [
"VDE-2024-044"
],
"current_release_date": "2025-05-14T12:28:19.000Z",
"generator": {
"date": "2024-09-25T09:30:45.003Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.12"
}
},
"id": "VDE-2024-044",
"initial_release_date": "2024-07-31T08:00:00.000Z",
"revision_history": [
{
"date": "2024-07-31T08:00:00.000Z",
"number": "1",
"summary": "initial revision"
},
{
"date": "2025-05-14T12:28:19.000Z",
"number": "2",
"summary": "Fix: version space, added distribution"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "myREX24 V2",
"product": {
"name": "myREX24 V2",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "myREX24 V2 virtual",
"product": {
"name": "myREX24 V2 virtual",
"product_id": "CSAFPID-11002"
}
},
{
"category": "product_name",
"name": "REX200",
"product": {
"name": "REX200",
"product_id": "CSAFPID-11003"
}
},
{
"category": "product_name",
"name": "REX250",
"product": {
"name": "REX250",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.16.1",
"product": {
"name": "Firmware \u003c2.16.1",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2.16.1",
"product": {
"name": "Firmware 2.16.1",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version_range",
"name": "8.0.0\u003c8.2.0",
"product": {
"name": "Firmware 8.0.0\u003c8.2.0",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "Firmware 8.2.0",
"product_id": "CSAFPID-22003"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Helmholz GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"summary": "Affected Products"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"summary": "Fixed Products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.16.1 installed on myREX24 V2",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.1 installed on myREX24 V2",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.16.1 installed on myREX24 V2 virtual",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.1 installed on myREX24 V2 virtual",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.0.0\u003c8.2.0 installed on REX200",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.2.0 installed on REX200",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.0.0\u003c8.2.0 installed on REX250",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.2.0 installed on REX250",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11004"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Prevent all access to the sshd daemon listening on port 22.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to latest firmware: \n\n * 2.16.1 for myREX24 V2/myREX24 V2 virtual \n * 8.2.0 for REX200/REX250",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
}
],
"title": "CVE-2024-6387"
}
]
}
VDE-2024-051
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2024-09-10 10:00 - Updated: 2025-05-14 13:00
There is a vulnerability in the OpenSSH server, which is used by the mGuard. If a connected SSH client does not authenticate within 120 seconds, sshd's SIGALRM handler is called asynchronously. As the handler calls functions that are not async-signal-safe, a race condition can be exploited for code injection.
| URL | Category |
|---|---|
| https://phoenixcontact.com/psirt | external |
| https://phoenixcontact.com/psirt | external |
| https://certvde.com/de/advisories/vendor/phoenixc… | external |
| https://certvde.com/en/advisories/VDE-2024-051 | self |
| https://phoenixcontact.csaf-tp.certvde.com/.well-… | self |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "high"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.",
"title": "Summary"
},
{
"category": "description",
"text": "Attackers can inject code in the SSH server, which is run with high privileges.",
"title": "Impact"
},
{
"category": "description",
"text": "Access to the SSH server should be limited to trustworthy networks or peers.\nRemote access to the SSH server should be disabled.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher which fixes this vulnerability.",
"title": "Remediation"
},
{
"category": "general",
"text": "For general information and recommendations on security measures refer to the mGuard documentation: https://help.mguard.com/en/documentation",
"title": "General Recommendation"
},
{
"category": "description",
"text": "mGuards are industrial routers and security appliances",
"title": "Product Description"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2024/00009: mGuard firmware \u003c8.9.3 / 10.4.1 is vulnerable to an RCE in openSSH (regreSSHion)",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact PSIRT",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2024-051: Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-051"
},
{
"category": "self",
"summary": "VDE-2024-051: Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-051.json"
}
],
"title": "Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH",
"tracking": {
"aliases": [
"VDE-2024-051",
"PCSA-2024/00009"
],
"current_release_date": "2025-05-14T13:00:14.000Z",
"generator": {
"date": "2024-08-14T12:15:52.821Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.7"
}
},
"id": "VDE-2024-051",
"initial_release_date": "2024-09-10T10:00:00.000Z",
"revision_history": [
{
"date": "2024-09-10T10:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2024-11-06T11:27:01.000Z",
"number": "2",
"summary": "Fix: correct certvde domain, added self-reference"
},
{
"date": "2025-04-10T13:00:00.000Z",
"number": "3",
"summary": "Fixed CSAF reference URL"
},
{
"date": "2025-05-14T13:00:14.000Z",
"number": "4",
"summary": "Fix: added distribution"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "FL MGUARD RS2000 TX/TX VPN",
"product": {
"name": "FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"2700642"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2005 TX VPN",
"product": {
"name": "FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2701875"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 3G VPN",
"product": {
"name": "TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"2903441"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX",
"product": {
"name": "FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"2700634"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX VPN",
"product": {
"name": "FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"2200515"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4004 TX/DTX",
"product": {
"name": "FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"2701876"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4004 TX/DTX VPN",
"product": {
"name": "FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"2701877"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 3G VPN",
"product": {
"name": "TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"2903440"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2000 TX/TX-B",
"product": {
"name": "FL MGUARD RS2000 TX/TX-B",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"2702139"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX-P",
"product": {
"name": "FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"2702259"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX-M",
"product": {
"name": "FL MGUARD RS4000 TX/TX-M",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"2702470"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCI4000",
"product": {
"name": "FL MGUARD PCI4000",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"2701274"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCI4000 VPN",
"product": {
"name": "FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-11013",
"product_identification_helper": {
"model_numbers": [
"2701275"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCIE4000",
"product": {
"name": "FL MGUARD PCIE4000",
"product_id": "CSAFPID-11014",
"product_identification_helper": {
"model_numbers": [
"2701277"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCIE4000 VPN",
"product": {
"name": "FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-11015",
"product_identification_helper": {
"model_numbers": [
"2701278"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD DELTA TX/TX",
"product": {
"name": "FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-11016",
"product_identification_helper": {
"model_numbers": [
"2700967"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD DELTA TX/TX VPN",
"product": {
"name": "FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-11017",
"product_identification_helper": {
"model_numbers": [
"2700968"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD SMART2",
"product": {
"name": "FL MGUARD SMART2",
"product_id": "CSAFPID-11018",
"product_identification_helper": {
"model_numbers": [
"2700640"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD SMART2 VPN",
"product": {
"name": "FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-11019",
"product_identification_helper": {
"model_numbers": [
"2700639"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CORE TX",
"product": {
"name": "FL MGUARD CORE TX",
"product_id": "CSAFPID-11020",
"product_identification_helper": {
"model_numbers": [
"2702884"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CORE TX VPN",
"product": {
"name": "FL MGUARD CORE TX VPN",
"product_id": "CSAFPID-11021",
"product_identification_helper": {
"model_numbers": [
"2702831"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G VPN",
"product": {
"name": "TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-11022",
"product_identification_helper": {
"model_numbers": [
"2903588"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G VPN",
"product": {
"name": "TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-11023",
"product_identification_helper": {
"model_numbers": [
"2903586"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G VZW VPN",
"product": {
"name": "TC MGUARD RS4000 4G VZW VPN",
"product_id": "CSAFPID-11024",
"product_identification_helper": {
"model_numbers": [
"1010461"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G VZW VPN",
"product": {
"name": "TC MGUARD RS2000 4G VZW VPN",
"product_id": "CSAFPID-11025",
"product_identification_helper": {
"model_numbers": [
"1010462"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G ATT VPN",
"product": {
"name": "TC MGUARD RS4000 4G ATT VPN",
"product_id": "CSAFPID-11026",
"product_identification_helper": {
"model_numbers": [
"1010463"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G ATT VPN",
"product": {
"name": "TC MGUARD RS2000 4G ATT VPN",
"product_id": "CSAFPID-11027",
"product_identification_helper": {
"model_numbers": [
"1010464"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD GT/GT",
"product": {
"name": "FL MGUARD GT/GT",
"product_id": "CSAFPID-11028",
"product_identification_helper": {
"model_numbers": [
"2700197"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD GT/GT VPN",
"product": {
"name": "FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-11029",
"product_identification_helper": {
"model_numbers": [
"2700198"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CENTERPORT",
"product": {
"name": "FL MGUARD CENTERPORT",
"product_id": "CSAFPID-11030",
"product_identification_helper": {
"model_numbers": [
"2702547"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD CENTERPORT VPN-1000",
"product": {
"name": "FL MGUARD CENTERPORT VPN-1000",
"product_id": "CSAFPID-11031",
"product_identification_helper": {
"model_numbers": [
"2702820"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD 2102",
"product": {
"name": "FL MGUARD 2102",
"product_id": "CSAFPID-11032",
"product_identification_helper": {
"model_numbers": [
"1357828"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD 2105",
"product": {
"name": "FL MGUARD 2105",
"product_id": "CSAFPID-11033",
"product_identification_helper": {
"model_numbers": [
"1357850"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD 4302",
"product": {
"name": "FL MGUARD 4302",
"product_id": "CSAFPID-11034",
"product_identification_helper": {
"model_numbers": [
"1357840"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD 4305",
"product": {
"name": "FL MGUARD 4305",
"product_id": "CSAFPID-11035",
"product_identification_helper": {
"model_numbers": [
"1357875"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD 4102 PCIE",
"product": {
"name": "FL MGUARD 4102 PCIE",
"product_id": "CSAFPID-11036",
"product_identification_helper": {
"model_numbers": [
"1357842"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD 4102 PCI",
"product": {
"name": "FL MGUARD 4102 PCI",
"product_id": "CSAFPID-11037",
"product_identification_helper": {
"model_numbers": [
"1441187"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.9.3",
"product": {
"name": "Firmware \u003c8.9.3",
"product_id": "CSAFPID-21892"
}
},
{
"category": "product_version",
"name": "8.9.3",
"product": {
"name": "Firmware 8.9.3",
"product_id": "CSAFPID-22893"
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.1",
"product": {
"name": "Firmware \u003c10.4.1",
"product_id": "CSAFPID-21040"
}
},
{
"category": "product_version",
"name": "10.4.1",
"product": {
"name": "Firmware 10.4.1",
"product_id": "CSAFPID-22041"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032",
"CSAFPID-31033",
"CSAFPID-31034",
"CSAFPID-31035",
"CSAFPID-31036",
"CSAFPID-31037"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016",
"CSAFPID-32017",
"CSAFPID-32018",
"CSAFPID-32019",
"CSAFPID-32020",
"CSAFPID-32021",
"CSAFPID-32022",
"CSAFPID-32023",
"CSAFPID-32024",
"CSAFPID-32025",
"CSAFPID-32026",
"CSAFPID-32027",
"CSAFPID-32028",
"CSAFPID-32029",
"CSAFPID-32030",
"CSAFPID-32031",
"CSAFPID-32032",
"CSAFPID-32033",
"CSAFPID-32034",
"CSAFPID-32035",
"CSAFPID-32036",
"CSAFPID-32037"
],
"summary": "Fixed Products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS2000 TX/TX-B",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD RS4000 TX/TX-M",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD PCI4000",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD PCIE4000",
"product_id": "CSAFPID-31014"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-31017"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD SMART2",
"product_id": "CSAFPID-31018"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-31019"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD CORE TX",
"product_id": "CSAFPID-31020"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD CORE TX VPN",
"product_id": "CSAFPID-31021"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11021"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-31022"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11022"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-31023"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11023"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 4G VZW VPN",
"product_id": "CSAFPID-31024"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11024"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 4G VZW VPN",
"product_id": "CSAFPID-31025"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11025"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS4000 4G ATT VPN",
"product_id": "CSAFPID-31026"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11026"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on TC MGUARD RS2000 4G ATT VPN",
"product_id": "CSAFPID-31027"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11027"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD GT/GT",
"product_id": "CSAFPID-31028"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11028"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-31029"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11029"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD CENTERPORT",
"product_id": "CSAFPID-31030"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11030"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.9.3 installed on FL MGUARD CENTERPORT VPN-1000",
"product_id": "CSAFPID-31031"
},
"product_reference": "CSAFPID-21892",
"relates_to_product_reference": "CSAFPID-11031"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c10.4.1 installed on FL MGUARD 2102",
"product_id": "CSAFPID-31032"
},
"product_reference": "CSAFPID-21040",
"relates_to_product_reference": "CSAFPID-11032"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c10.4.1 installed on FL MGUARD 2105",
"product_id": "CSAFPID-31033"
},
"product_reference": "CSAFPID-21040",
"relates_to_product_reference": "CSAFPID-11033"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c10.4.1 installed on FL MGUARD 4302",
"product_id": "CSAFPID-31034"
},
"product_reference": "CSAFPID-21040",
"relates_to_product_reference": "CSAFPID-11034"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c10.4.1 installed on FL MGUARD 4305",
"product_id": "CSAFPID-31035"
},
"product_reference": "CSAFPID-21040",
"relates_to_product_reference": "CSAFPID-11035"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c10.4.1 installed on FL MGUARD 4102 PCIE",
"product_id": "CSAFPID-31036"
},
"product_reference": "CSAFPID-21040",
"relates_to_product_reference": "CSAFPID-11036"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c10.4.1 installed on FL MGUARD 4102 PCI",
"product_id": "CSAFPID-31037"
},
"product_reference": "CSAFPID-21040",
"relates_to_product_reference": "CSAFPID-11037"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS2000 TX/TX-B",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-32010"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD RS4000 TX/TX-M",
"product_id": "CSAFPID-32011"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD PCI4000",
"product_id": "CSAFPID-32012"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-32013"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD PCIE4000",
"product_id": "CSAFPID-32014"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-32015"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-32016"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-32017"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD SMART2",
"product_id": "CSAFPID-32018"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-32019"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD CORE TX",
"product_id": "CSAFPID-32020"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD CORE TX VPN",
"product_id": "CSAFPID-32021"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11021"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-32022"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11022"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-32023"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11023"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS4000 4G VZW VPN",
"product_id": "CSAFPID-32024"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11024"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS2000 4G VZW VPN",
"product_id": "CSAFPID-32025"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11025"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS4000 4G ATT VPN",
"product_id": "CSAFPID-32026"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11026"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on TC MGUARD RS2000 4G ATT VPN",
"product_id": "CSAFPID-32027"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11027"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD GT/GT",
"product_id": "CSAFPID-32028"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11028"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-32029"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11029"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD CENTERPORT",
"product_id": "CSAFPID-32030"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11030"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.9.3 installed on FL MGUARD CENTERPORT VPN-1000",
"product_id": "CSAFPID-32031"
},
"product_reference": "CSAFPID-22893",
"relates_to_product_reference": "CSAFPID-11031"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 10.4.1 installed on FL MGUARD 2102",
"product_id": "CSAFPID-32032"
},
"product_reference": "CSAFPID-22041",
"relates_to_product_reference": "CSAFPID-11032"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 10.4.1 installed on FL MGUARD 2105",
"product_id": "CSAFPID-32033"
},
"product_reference": "CSAFPID-22041",
"relates_to_product_reference": "CSAFPID-11033"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 10.4.1 installed on FL MGUARD 4302",
"product_id": "CSAFPID-32034"
},
"product_reference": "CSAFPID-22041",
"relates_to_product_reference": "CSAFPID-11034"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 10.4.1 installed on FL MGUARD 4305",
"product_id": "CSAFPID-32035"
},
"product_reference": "CSAFPID-22041",
"relates_to_product_reference": "CSAFPID-11035"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 10.4.1 installed on FL MGUARD 4102 PCIE",
"product_id": "CSAFPID-32036"
},
"product_reference": "CSAFPID-22041",
"relates_to_product_reference": "CSAFPID-11036"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 10.4.1 installed on FL MGUARD 4102 PCI",
"product_id": "CSAFPID-32037"
},
"product_reference": "CSAFPID-22041",
"relates_to_product_reference": "CSAFPID-11037"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "There is a vulnerability in the OpenSSH server, which is used by the mGuard. If a connected SSH client does not authenticate within 120 seconds, the sshd\u0027s SIGALRM handler is called asynchronously. As the handler calls functions, that are not async-signal-safe, a race condition can be exploited for code injection.",
"title": "Vulnerability Description"
},
{
"audience": "operational management and system administrators",
"category": "details",
"text": "Remote attackers without any authentication can inject code, which is run with high privileges.",
"title": "Vulnerability Impact"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016",
"CSAFPID-32017",
"CSAFPID-32018",
"CSAFPID-32019",
"CSAFPID-32020",
"CSAFPID-32021",
"CSAFPID-32022",
"CSAFPID-32023",
"CSAFPID-32024",
"CSAFPID-32025",
"CSAFPID-32026",
"CSAFPID-32027",
"CSAFPID-32028",
"CSAFPID-32029",
"CSAFPID-32030",
"CSAFPID-32031",
"CSAFPID-32032",
"CSAFPID-32033",
"CSAFPID-32034",
"CSAFPID-32035",
"CSAFPID-32036",
"CSAFPID-32037"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032",
"CSAFPID-31033",
"CSAFPID-31034",
"CSAFPID-31035",
"CSAFPID-31036",
"CSAFPID-31037"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Access to the SSH server should be limited to trustworthy networks or peers.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "mitigation",
"details": "Remote access to the SSH server should be disabled.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher which fixes this vulnerability.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032",
"CSAFPID-31033",
"CSAFPID-31034",
"CSAFPID-31035",
"CSAFPID-31036",
"CSAFPID-31037"
]
}
],
"title": "CVE-2024-6387"
}
]
}
VDE-2024-071
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2024-12-09 11:00 - Updated: 2025-05-22 13:03
A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, only applications that directly call the SSL_free_buffers function are affected by this issue. Applications that do not call this function are not vulnerable. Our investigations indicate that this function is rarely used by applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a '.git/' directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via 'git config --global core.symlinks false'), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus ('p' parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination.",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer. Check download area for latest Firmware update to be installed on EPC 1502 or EPC 1522.",
"title": "Remediation"
},
{
"category": "general",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2024/00016",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "external",
"summary": "Phoenix Contact application note",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
},
{
"category": "self",
"summary": "VDE-2024-071: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-071"
},
{
"category": "self",
"summary": "VDE-2024-071: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-071.json"
}
],
"source_lang": "en",
"title": "Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2024-071",
"PCSA-2024/00016"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2024-12-02T16:25:30.228Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.15"
}
},
"id": "VDE-2024-071",
"initial_release_date": "2024-12-09T11:00:00.000Z",
"revision_history": [
{
"date": "2024-12-09T11:00:00.000Z",
"number": "1",
"summary": "Initial"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "2",
"summary": "Fix: version space, contact details, quotation mark"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072R",
"product": {
"name": "RFC 4072R",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"1136419"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1502",
"product": {
"name": "EPC 1502",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"1185416"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1522",
"product": {
"name": "EPC 1522",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"1264328"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024.0.6 LTS",
"product": {
"name": "Firmware \u003c2024.0.6 LTS",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2024.0.6 LTS",
"product": {
"name": "Firmware 2024.0.6 LTS",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-61001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-62001",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"summary": "Fixed Product."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on AXC F 1152",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on AXC F 1152",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on AXC F 2152",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on AXC F 2152",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on AXC F 3152",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on AXC F 3152",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on RFC 4072S",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on RFC 4072S",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on BPC 9102S",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on BPC 9102S",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on RFC 4072R",
"product_id": "CSAFPID-31008",
"product_identification_helper": {
"model_numbers": [
"1136419"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2024.0.6 LTS installed on RFC 4072R",
"product_id": "CSAFPID-32008",
"product_identification_helper": {
"model_numbers": [
"1136419"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on EPC 1502",
"product_id": "CSAFPID-31009",
"product_identification_helper": {
"model_numbers": [
"1185416"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2024.0.6 LTS installed on EPC 1522",
"product_id": "CSAFPID-31010",
"product_identification_helper": {
"model_numbers": [
"1264328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-4741](https://nvd.nist.gov/vuln/detail/CVE-2024-4741)",
"title": "Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.6,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6387](https://nvd.nist.gov/vuln/detail/CVE-2024-6387)",
"title": "Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-39894",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-39894](https://nvd.nist.gov/vuln/detail/CVE-2024-39894)",
"title": "Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-39894"
},
{
"cve": "CVE-2024-32002",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Git\u0027s recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution",
"title": "Summary"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-32002](https://nvd.nist.gov/vuln/detail/CVE-2024-32002)",
"title": "Details"
},
{
"audience": "all",
"category": "description",
"text": "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule\u0027s worktree but into a \u0027.git/\u0027 directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via \u0027git config --global core.symlinks false\u0027), the described attack won\u0027t work. As always, it is best to avoid cloning repositories from untrusted sources.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 9,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-32002"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (\u0027p\u0027 parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\n\n",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-4603](https://nvd.nist.gov/vuln/detail/CVE-2024-4603)",
"title": "Details"
},
{
"audience": "all",
"category": "summary",
"text": "Excessive time spent checking DSA keys and parameters",
"title": "Summary"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
"title": "Vulnerability Description"
},
{
"audience": "all",
"category": "details",
"text": "[https://www.suse.com/security/cve/CVE-2024-2511.html](https://www.suse.com/security/cve/CVE-2024-2511.html)",
"title": "Details"
},
{
"audience": "all",
"category": "summary",
"text": "Unbounded memory growth with session handling in TLSv1.3",
"title": "Summary"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007",
"CSAFPID-32008"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2024.0.6 LTS Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"group_ids": [
"CSAFGID-61001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010"
]
}
],
"title": "CVE-2024-2511"
}
]
}
VDE-2024-063
Vulnerability from csaf_pepperlfuchsse - Published: 2024-10-08 12:00 - Updated: 2025-05-14 12:28
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | | |
| Unresolved product id: CSAFPID-32002 | — | | |
| Unresolved product id: CSAFPID-32003 | — | | |
| Unresolved product id: CSAFPID-32004 | — | | |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | | |
| Unresolved product id: CSAFPID-31002 | — | | |
| Unresolved product id: CSAFPID-31003 | — | | |
| Unresolved product id: CSAFPID-31004 | — | | |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"organization": "Pepperl+Fuchs SE",
"summary": "reporting",
"urls": [
"https://pepperl-fuchs.com/cybersecurity"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "The affected devices run a SSH server that is affected by the regreSSHion vulnerability despite the fact that no user can actually log in through SSH. Attackers may exploit this vulnerability to gain root access to the device.",
"title": "Summary"
},
{
"category": "description",
"text": "An unauthenticated remote attacker can\n\n\u2022 read files from the device\n\n\u2022 modify or delete data on the device\n\n\u2022 can interrupt the device functionality\n",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the Firmware version 1.15.0.0.\n\nA firmware update will be made available shortly on the corresponding product page on the Pepper+Fuchs Homepage.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "cert@pepperl-fuchs.com",
"name": "Pepperl+Fuchs SE",
"namespace": "https://www.pepperl-fuchs.com"
},
"references": [
{
"category": "external",
"summary": "Pepperl+Fuchs PSIRT",
"url": "https://pepperl-fuchs.com/cybersecurity"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Pepperl+Fuchs SE",
"url": "https://certvde.com/en/advisories/vendor/Pepperl+Fuchs"
},
{
"category": "self",
"summary": "VDE-2024-063: PEPPERL+FUCHS: Multiple products are affected by regreSSHion - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-063"
},
{
"category": "self",
"summary": "VDE-2024-063: PEPPERL+FUCHS: Multiple products are affected by regreSSHion - CSAF",
"url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-063.json"
}
],
"title": "PEPPERL+FUCHS: Multiple products are affected by regreSSHion",
"tracking": {
"aliases": [
"VDE-2024-063"
],
"current_release_date": "2025-05-14T12:28:19.000Z",
"generator": {
"date": "2024-10-07T09:17:55.689Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.11"
}
},
"id": "VDE-2024-063",
"initial_release_date": "2024-10-08T12:00:00.000Z",
"revision_history": [
{
"date": "2024-10-02T10:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2024-11-06T11:27:01.000Z",
"number": "2",
"summary": "Fix: correct certvde domain, added self-reference"
},
{
"date": "2025-05-14T12:28:19.000Z",
"number": "3",
"summary": "Fix: version space, added distribution"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "VSE1000-F400-B12-A1000",
"product": {
"name": "VSE1000-F400-B12-A1000",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"70123992-100000"
]
}
}
},
{
"category": "product_name",
"name": "VSE2000-F400-B12-A1000",
"product": {
"name": "VSE2000-F400-B12-A1000",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"70123992-100001"
]
}
}
},
{
"category": "product_name",
"name": "VSE3000-F400-B12-A1000",
"product": {
"name": "VSE3000-F400-B12-A1000",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"70123992-100002"
]
}
}
},
{
"category": "product_name",
"name": "VTE7500-F400-B12-A1500",
"product": {
"name": "VTE7500-F400-B12-A1500",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"70123993-100000"
]
}
}
}
],
"category": "product_family",
"name": "3D-Vision-Sensors"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.15.0.0",
"product": {
"name": "Firmware 3D-Vision-Sensors 1.15.0.0",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version_range",
"name": "\u003c1.15.0.0",
"product": {
"name": "Firmware 3D-Vision-Sensors \u003c1.15.0.0",
"product_id": "CSAFPID-21001"
}
}
],
"category": "product_family",
"name": "3D-Vision-Sensors"
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Pepperl+Fuchs"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "FW \u003c1.15.0.0 installed on VSE1000-F400-B12-A1000",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW \u003c1.15.0.0 installed on VSE2000-F400-B12-A1000",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW \u003c1.15.0.0 installed on VSE3000-F400-B12-A1000",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW \u003c1.15.0.0 installed on VTE7500-F400-B12-A1500",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW 1.15.0.0 installed on VSE1000-F400-B12-A1000",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW 1.15.0.0 installed on VSE2000-F400-B12-A1000",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW 1.15.0.0 installed on VSE3000-F400-B12-A1000",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "FW 1.15.0.0 installed on VTE7500-F400-B12-A1500",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the Firmware version 1.15.0.0.\n\nA firmware update will be made available shortly on the corresponding product page on the Pepper+Fuchs Homepage.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
}
],
"title": "CVE-2024-6387"
}
]
}
WID-SEC-W-2024-1486
Vulnerability from csaf_certbund - Published: 2024-06-30 22:00 - Updated: 2025-06-10 22:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Cisco Aironet Access Point 802.11ac Wave2<br>Cisco / Aironet Access Point | cpe:/o:cisco:aironet_access_point_software:802.11ac_wave2 | 802.11ac Wave2 | |
| Cisco Wireless Access Point 6300 Series Embedded<br>Cisco / Wireless Access Point | cpe:/h:cisco:wap:6300_series_embedded | 6300 Series Embedded | |
| Cisco Smart Software Manager On-Prem<br>Cisco | cpe:/a:cisco:smart_software_manager:- | — | |
| Cisco FXOS Firepower Chassis Manager<br>Cisco / FXOS | cpe:/o:cisco:fxos:firepower_chassis_manager | Firepower Chassis Manager | |
| Cisco Catalyst IW9165 Rugged Series<br>Cisco / Catalyst | cpe:/h:cisco:catalyst:iw9165_rugged_series | IW9165 Rugged Series | |
| Cisco Catalyst IW9165 Heavy Duty Series<br>Cisco / Catalyst | cpe:/h:cisco:catalyst:iw9165_heavy_duty_series | IW9165 Heavy Duty Series | |
| Cisco Catalyst IW6300 Heavy Duty Series Access Points<br>Cisco / Catalyst | cpe:/h:cisco:catalyst:iw6300_heavy_duty_series_access_points | IW6300 Heavy Duty Series Access Points | |
| Cisco Nexus Dashboard<br>Cisco | cpe:/a:cisco:nexus_dashboard:- | — | |
| IGEL OS <11.10.150<br>IGEL / OS | | <11.10.150 | |
| Dell Avamar Gen5a <Hotfix 338868<br>Dell / Avamar | | Gen5a <Hotfix 338868 | |
| IGEL OS <12.4.2<br>IGEL / OS | | <12.4.2 | |
| Alcatel Lucent Enterprise Desk Phone<br>Alcatel Lucent Enterprise | cpe:/h:alcatel-lucent:deskphone:- | — | |
| IBM AIX 3.1<br>IBM / AIX | cpe:/o:ibm:aix:3.1 | 3.1 | |
| IBM AIX 7.3<br>IBM / AIX | cpe:/o:ibm:aix:7.3 | 7.3 | |
| IBM SAN Volume Controller<br>IBM | cpe:/a:ibm:san_volume_controller:- | — | |
| IBM AIX 4.1<br>IBM / AIX | cpe:/o:ibm:aix:4.1 | 4.1 | |
| Cisco Prime Infrastructure<br>Cisco | cpe:/a:cisco:prime_infrastructure:- | — | |
| IBM Security Guardium 12.0<br>IBM / Security Guardium | cpe:/a:ibm:security_guardium:12.0 | 12 | |
| Cisco Firepower Threat Defense<br>Cisco / Firepower | cpe:/a:cisco:firepower:threat_defense | Threat Defense | |
| Amazon Linux 2<br>Amazon | cpe:/o:amazon:linux_2:- | — | |
| Siemens SIMATIC S7 1500 CPU<br>Siemens / SIMATIC S7 | cpe:/h:siemens:simatic_s7:1500_cpu | 1500 CPU | |
| Moxa Router<br>Moxa / Router | cpe:/h:moxa:router:- | — | |
| Cisco IP Phone 9841<br>Cisco / IP Phone | cpe:/h:cisco:ip_phone:9841 | 9841 | |
| Huawei iMaster NCE FabricInsight<br>Huawei | cpe:/a:huawei:imaster_nce_fabricinsight:- | — | |
| Cisco Nexus 3000<br>Cisco / Nexus | cpe:/h:cisco:nexus:3000 | 3000 | |
| Cisco Nexus 9000<br>Cisco / Nexus | cpe:/h:cisco:nexus:9000 | 9000 | |
| Cisco IP Phone 9851<br>Cisco / IP Phone | cpe:/h:cisco:ip_phone:9851 | 9851 | |
| Phoenix Contact FL MGUARD <8.9.3<br>Phoenix Contact / FL MGUARD | | <8.9.3 | |
| Phoenix Contact FL MGUARD <10.4.1<br>Phoenix Contact / FL MGUARD | | <10.4.1 | |
| Huawei Router<br>Huawei | cpe:/h:huawei:router:- | — | |
| Meinberg LANTIME <V7.08.014<br>Meinberg / LANTIME | | <V7.08.014 | |
| IBM DB2 Cloud Pak<br>IBM / DB2 | cpe:/a:ibm:db2:cloud_pak | Cloud Pak | |
| Cisco Catalyst IW9167 Heavy Duty Series<br>Cisco / Catalyst | cpe:/h:cisco:catalyst:iw9167_heavy_duty_series | IW9167 Heavy Duty Series | |
| IBM Storwize<br>IBM | cpe:/a:ibm:storwize:- | — | |
| Cisco Catalyst 9100 Series Access Points<br>Cisco / Catalyst | cpe:/h:cisco:catalyst:9100_series_access_points | 9100 Series Access Points | |
| Debian Linux<br>Debian | cpe:/o:debian:debian_linux:- | — | |
| Cisco Router ASR 5000<br>Cisco / Router | cpe:/h:cisco:router:asr_5000 | ASR 5000 | |
| Fortinet FortiAuthenticator<br>Fortinet | cpe:/a:fortinet:fortiauthenticator:- | — | |
| Cisco ASA (Adaptive Security Appliance)<br>Cisco | cpe:/h:cisco:adaptive_security_appliance:- | — | |
| Securepoint UTM <12.7.2<br>Securepoint / UTM | | <12.7.2 | |
| Fortinet FortiMail<br>Fortinet | cpe:/a:fortinet:fortimail:- | — | |
| Juniper JUNOS <24.4R1-EVO<br>Juniper / JUNOS | | <24.4R1-EVO | |
| Juniper JUNOS <24.2R1-S2-EVO<br>Juniper / JUNOS | | <24.2R1-S2-EVO | |
| Juniper JUNOS <24.4R1<br>Juniper / JUNOS | | <24.4R1 | |
| Cisco Secure Email Gateway<br>Cisco | cpe:/h:cisco:secure_email_gateway:- | — | |
| Juniper JUNOS <24.2R2-EVO<br>Juniper / JUNOS | | <24.2R2-EVO | |
| Aruba ArubaOS CX Switches<br>Aruba / ArubaOS | cpe:/o:arubanetworks:arubaos:cx_switches | CX Switches | |
| OTRS OTRS SaaS platform <2024-07<br>OTRS / OTRS | | SaaS platform <2024-07 | |
| Fortinet FortiVoice<br>Fortinet | cpe:/a:fortinet:fortivoice:- | — | |
| Fortinet FortiWeb<br>Fortinet | cpe:/a:fortinet:fortiweb:- | — | |
| Arista EOS<br>Arista | cpe:/o:arista:arista_eos:- | — | |
| Aruba EdgeConnect SD-WAN Orchestrator<br>Aruba / EdgeConnect | cpe:/a:aruba:edgeconnect:sd-wan_orchestrator | SD-WAN Orchestrator | |
| QNAP NAS<br>QNAP / NAS | cpe:/h:qnap:nas:- | — | |
| Cisco Catalyst 9800 Series Wireless Controllers<br>Cisco / Catalyst | cpe:/h:cisco:catalyst:9800_series_wireless_controllers | 9800 Series Wireless Controllers | |
| Alcatel Lucent Enterprise AOS<br>Alcatel Lucent Enterprise | cpe:/o:alcatel:aos:- | — | |
| Ubuntu Linux<br>Ubuntu | cpe:/o:canonical:ubuntu_linux:- | — | |
| Cisco Application Policy Infrastructure Controller<br>Cisco | cpe:/a:cisco:application_policy_infrastructure_controller:- | — | |
| Cisco Unified Contact Center Express (UCCX)<br>Cisco | cpe:/a:cisco:unified_contact_center_express:- | — | |
| Juniper JUNOS <24.2R1-S2<br>Juniper / JUNOS | | <24.2R1-S2 | |
| Aruba Switch CX<br>Aruba / Switch | cpe:/h:arubanetworks:switch:aos-cx | CX | |
| QNAP NAS QES 2.2.0<br>QNAP / NAS | cpe:/h:qnap:nas:qes_2.2.0 | QES 2.2.0 | |
| Cisco Emergency Responder<br>Cisco | cpe:/a:cisco:emergency_responder:- | — | |
| WatchGuard Firebox<br>WatchGuard / Firebox | cpe:/a:watchguard:firebox:- | — | |
| Cisco Evolved Programmable Network Manager<br>Cisco | cpe:/a:cisco:evolved_programmable_network_manager:- | — | |
| Cisco Firepower Management Center<br>Cisco / Firepower | cpe:/a:cisco:firepower:management_center | Management Center | |
| Oracle Linux<br>Oracle | cpe:/o:oracle:linux:- | — | |
| Cisco Unified Communications Manager (CUCM)<br>Cisco | cpe:/a:cisco:unified_communications_manager:- | — | |
| Cisco TelePresence Video Communication Server<br>Cisco / TelePresence | cpe:/h:cisco:telepresence:video_communication_server | Video Communication Server | |
| Fortinet FortiManager<br>Fortinet | cpe:/a:fortinet:fortimanager:- | — | |
| Cisco Unity Connection<br>Cisco | cpe:/a:cisco:unity_connection:- | — | |
| Cisco Aironet Access Point 1540<br>Cisco / Aironet Access Point | cpe:/o:cisco:aironet_access_point_software:1540_series | 1540 | |
| WatchGuard Firebox <12.10.4 Update 1<br>WatchGuard / Firebox | | <12.10.4 Update 1 | |
| Open Source OpenSSH <9.8p1<br>Open Source / OpenSSH | | <9.8p1 | |
| Dell PowerScale<br>Dell | cpe:/a:dell:powerscale_onefs:onefs | — | |
| IBM AIX 7.2<br>IBM / AIX | cpe:/o:ibm:aix:7.2 | 7.2 | |
| Dell integrated Dell Remote Access Controller <7.00.00.173<br>Dell / integrated Dell Remote Access Controller | | <7.00.00.173 | |
| Dell integrated Dell Remote Access Controller <7.10.50.10<br>Dell / integrated Dell Remote Access Controller | | <7.10.50.10 | |
| Cisco Secure Web Appliance<br>Cisco | cpe:/h:cisco:secure_web_appliance:- | — | |
| Alcatel Lucent Enterprise OmniSwitch<br>Alcatel Lucent Enterprise | cpe:/h:alcatel-lucent:omniswitch:- | — | |
| Fortinet FortiAnalyzer<br>Fortinet | cpe:/a:fortinet:fortianalyzer:- | — | |
| SUSE Linux<br>SUSE | cpe:/o:suse:suse_linux:- | — | |
| Cisco IOS XE<br>Cisco | cpe:/o:cisco:ios_xe:- | — | |
| Cisco Aironet Access Point 1560<br>Cisco / Aironet Access Point | cpe:/o:cisco:aironet_access_point_software:1560_series | 1560 | |
| NetBSD Foundation NetBSD OS<br>NetBSD Foundation | cpe:/o:netbsd:netbsd:- | — | |
| Huawei OceanStor<br>Huawei | cpe:/h:huawei:oceanstor_uds:- | — | |
| Red Hat Enterprise Linux<br>Red Hat | cpe:/o:redhat:enterprise_linux:- | — | |
| Huawei AC6805<br>Huawei | cpe:/h:huawei:ac6805_firmware:- | — | |
| FreeBSD Project FreeBSD OS<br>FreeBSD Project | cpe:/o:freebsd:freebsd:- | — | |
| Huawei AirEngine<br>Huawei | cpe:/h:huawei:airengine:- | — | |
| Moxa Router EDR-G9010 <3.12<br>Moxa / Router | | EDR-G9010 <3.12 | |
| Juniper JUNOS <24.2R2<br>Juniper / JUNOS | | <24.2R2 | |
| Moxa Router OnCell G4302-LTE4 <3.12<br>Moxa / Router | | OnCell G4302-LTE4 <3.12 | |
| Moxa Router EDR-8010 <3.12<br>Moxa / Router | | EDR-8010 <3.12 | |
| Cisco Identity Services Engine (ISE)<br>Cisco | cpe:/a:cisco:identity_services_engine_software:- | — | |
| Cisco Meeting Server<br>Cisco | cpe:/a:cisco:meeting_server:- | — | |
| IBM FlashSystem<br>IBM | cpe:/a:ibm:flashsystem:- | — | |
| HAProxy HAProxy <2024-07-04<br>HAProxy / HAProxy | | <2024-07-04 | |
| HAProxy ALOHA <14.5.23<br>HAProxy / ALOHA | | <14.5.23 | |
| HAProxy ALOHA <15.5.12<br>HAProxy / ALOHA | | <15.5.12 | |
| HAProxy ALOHA <16.0.2<br>HAProxy / ALOHA | | <16.0.2 | |
| Securepoint UTM <12.6.5.1<br>Securepoint / UTM | | <12.6.5.1 | |
| Cisco Expressway<br>Cisco | cpe:/a:cisco:expressway_software:- | — | |
| Huawei iMaster NCE Fabric<br>Huawei | cpe:/a:huawei:imaster_nce-fabric:- | — | |
| Huawei NetEngine<br>Huawei | cpe:/h:huawei:netengine:- | — | |
| Huawei CloudEngine<br>Huawei | cpe:/h:huawei:cloudengine:- | — | |
| Huawei FusionServer Pro<br>Huawei | cpe:/h:huawei:fusionserver_pro:- | — | |
| Fedora Linux<br>Fedora | cpe:/o:fedoraproject:fedora:- | — | |
| Huawei iMaster NCE-Campus<br>Huawei | cpe:/a:huawei:imaster_nce-campus:- | — | |
| Huawei iMaster NCE-CampusInsight<br>Huawei | cpe:/a:huawei:imaster_nce-campusinsight:- | — | |
| HPE HP-UX sshd <A.09.30.007<br>HPE / HP-UX | | sshd <A.09.30.007 | |
| IBM Security Guardium 12.1<br>IBM / Security Guardium | cpe:/a:ibm:security_guardium:12.1 | 12.1 | |

{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um beliebigen Programmcode mit root Rechten auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- CISCO Appliance\n- Hardware Appliance\n- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1486 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1486.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1486 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1486"
},
{
"category": "external",
"summary": "Qualys Blog vom 2024-06-30",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-24:04.OPENSSH vom 2024-07-01",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5724 vom 2024-07-01",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00135.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12468 vom 2024-07-01",
"url": "https://linux.oracle.com/errata/ELSA-2024-12468.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-649 vom 2024-07-02",
"url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-649.html"
},
{
"category": "external",
"summary": "WatchGuard Security Advisory WGSA-2024-00012 vom 2024-07-01",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00012"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-213F33544E vom 2024-07-02",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-213f33544e"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-DC89A2E1BF vom 2024-07-02",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-dc89a2e1bf"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2275-1 vom 2024-07-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018851.html"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-24-31 vom 2024-07-02",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-24-31"
},
{
"category": "external",
"summary": "NetBSD Security Advisory NETBSD-SA2024-002 vom 2024-07-02",
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"category": "external",
"summary": "IGEL Product Security Information vom 2024-07-03",
"url": "https://kb.igel.com/securitysafety/en/isn-2024-17-openssh-vulnerability-131268877.html"
},
{
"category": "external",
"summary": "Veriti Blog vom 2024-07-03",
"url": "https://veriti.ai/blog/regresshion-cve-2024-6387-a-targeted-exploit-in-the-wild/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4312 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"category": "external",
"summary": "Securepoint UTM Changelog vom 2024-07-03",
"url": "https://wiki.securepoint.de/UTM/Changelog"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2275-2 vom 2024-07-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018867.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4312 vom 2024-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2024-4312.html"
},
{
"category": "external",
"summary": "Cisco Security Advisory CISCO-SA-OPENSSH-RCE-2024 vom 2024-07-05",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4340 vom 2024-07-05",
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"category": "external",
"summary": "Arista Security Advisory vom 2024-07-08",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4389 vom 2024-07-08",
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"category": "external",
"summary": "HAProxy Security Update",
"url": "https://www.haproxy.com/blog/cve-2024-6387"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7159920 vom 2024-07-10",
"url": "https://www.ibm.com/support/pages/node/7159920"
},
{
"category": "external",
"summary": "OTRS Security Advisory OSA-2024-08 vom 2024-07-15",
"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-08/"
},
{
"category": "external",
"summary": "HPE Security Bulletin hpesbnw04669 vom 2024-07-10",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04669en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "ALE Security Advisory",
"url": "https://www.al-enterprise.com/-/media/assets/internet/documents/n-to-s/sa-a0010-ed02.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4479 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4469 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4484 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4474 vom 2024-07-19",
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"category": "external",
"summary": "Meinberg Security Advisory vom 2024-07-22",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-04-lantime-firmware-v7-08-014.htm"
},
{
"category": "external",
"summary": "Huawei Security Advisory HWPSIRT-2024-56267 huawei-sa-ORCEViSHP-90459233 vom 2024-07-22 vom 2024-07-24",
"url": "https://securitybulletin.huawei.com/enterprise/en/security-advisory"
},
{
"category": "external",
"summary": "WatchGuard Fireware Advisory vom 2024-07-26",
"url": "https://www.watchguard.com/wgrd-blog/watchguard-fireware-v12104-update-1-available-now"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6942-1 vom 2024-08-01",
"url": "https://ubuntu.com/security/notices/USN-6942-1"
},
{
"category": "external",
"summary": "Moxa Security Advisory MPSA-246387 vom 2024-08-02",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-246387-multiple-moxa-product-series-affected-by-cve-2024-6387"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-24:08.OPENSSH vom 2024-08-07",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-24:08.openssh.asc"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7163719 vom 2024-08-07",
"url": "https://www.ibm.com/support/pages/node/7163719"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6960-1 vom 2024-08-14",
"url": "https://ubuntu.com/security/notices/USN-6960-1"
},
{
"category": "external",
"summary": "Securepoint UTM Changelog vom 2024-08-14",
"url": "https://wiki.securepoint.de/UTM/Changelog"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-342 vom 2024-08-14",
"url": "https://www.dell.com/support/kbdoc/de-de/000227795/dsa-2024-342-security-update-for-dell-idrac9-openssh-vulnerability"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6859-1",
"url": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"category": "external",
"summary": "DELL Security Update for Dell PowerScale OneFS",
"url": "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
},
{
"category": "external",
"summary": "Phoenix Contact Security Advisory VDE-2024-051 vom 2024-09-04",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/b9ce1d5716385f4b9cd6a9c91a9e2c8a/Security_Advisory_FL_MGUARD_VDE_2024_051.pdf"
},
{
"category": "external",
"summary": "FortiGuard Labs PSIRT Advisory FG-IR-24-258 vom 2024-09-11",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-258"
},
{
"category": "external",
"summary": "HPE Security Bulletin vom 2024-10-28",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04725en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA92873 vom 2024-01-09",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183378 vom 2025-02-14",
"url": "https://www.ibm.com/support/pages/node/7183378"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183471 vom 2025-02-26",
"url": "https://www.ibm.com/support/pages/node/7183471"
},
{
"category": "external",
"summary": "Moxa Security Advisory MPSA-251431 vom 2025-04-02",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-259491-cve-2025-0676-command-injection-leading-to-privilege-escalation"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-167 vom 2025-04-07",
"url": "https://www.dell.com/support/kbdoc/de-de/000304933/dsa-2025-167-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20009-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021369.html"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-25-13 vom 2025-06-06",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-25-13"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-082556 vom 2025-06-10",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"source_lang": "en-US",
"title": "OpenSSH: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-06-10T22:00:00.000+00:00",
"generator": {
"date": "2025-06-11T06:26:05.697+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-1486",
"initial_release_date": "2024-06-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux, Amazon, WatchGuard und Fedora aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE, QNAP und NetBSD aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "4",
"summary": "Schwachstelle wird in gezielten Angriffen ausgenutzt"
},
{
"date": "2024-07-04T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Cisco und Red Hat aufgenommen"
},
{
"date": "2024-07-08T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Cisco Produkte aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "9",
"summary": "Weitere Produkte von Cisco aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "10",
"summary": "Weitere Produkte von Cisco aufgenommen"
},
{
"date": "2024-07-14T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von OTRS aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "13",
"summary": "Weitere Produkte von Cisco aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-21T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Cisco"
},
{
"date": "2024-07-23T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Meinberg aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Huawei aufgenommen"
},
{
"date": "2024-07-25T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von FreeBSD und IBM aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-01T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-09-09T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von VDE aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Fortinet aufgenommen"
},
{
"date": "2024-10-28T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-02-16T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-26T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von moxa aufgenommen"
},
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von QNAP aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Siemens aufgenommen"
}
],
"status": "final",
"version": "34"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Alcatel Lucent Enterprise AOS",
"product": {
"name": "Alcatel Lucent Enterprise AOS",
"product_id": "422",
"product_identification_helper": {
"cpe": "cpe:/o:alcatel:aos:-"
}
}
},
{
"category": "product_name",
"name": "Alcatel Lucent Enterprise Desk Phone",
"product": {
"name": "Alcatel Lucent Enterprise Desk Phone",
"product_id": "T036148",
"product_identification_helper": {
"cpe": "cpe:/h:alcatel-lucent:deskphone:-"
}
}
},
{
"category": "product_name",
"name": "Alcatel Lucent Enterprise OmniSwitch",
"product": {
"name": "Alcatel Lucent Enterprise OmniSwitch",
"product_id": "T017286",
"product_identification_helper": {
"cpe": "cpe:/h:alcatel-lucent:omniswitch:-"
}
}
}
],
"category": "vendor",
"name": "Alcatel Lucent Enterprise"
},
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Arista EOS",
"product": {
"name": "Arista EOS",
"product_id": "T007958",
"product_identification_helper": {
"cpe": "cpe:/o:arista:arista_eos:-"
}
}
}
],
"category": "vendor",
"name": "Arista"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "CX Switches",
"product": {
"name": "Aruba ArubaOS CX Switches",
"product_id": "T036139",
"product_identification_helper": {
"cpe": "cpe:/o:arubanetworks:arubaos:cx_switches"
}
}
}
],
"category": "product_name",
"name": "ArubaOS"
},
{
"branches": [
{
"category": "product_version",
"name": "SD-WAN Orchestrator",
"product": {
"name": "Aruba EdgeConnect SD-WAN Orchestrator",
"product_id": "T036138",
"product_identification_helper": {
"cpe": "cpe:/a:aruba:edgeconnect:sd-wan_orchestrator"
}
}
}
],
"category": "product_name",
"name": "EdgeConnect"
},
{
"branches": [
{
"category": "product_version",
"name": "CX",
"product": {
"name": "Aruba Switch CX",
"product_id": "T024430",
"product_identification_helper": {
"cpe": "cpe:/h:arubanetworks:switch:aos-cx"
}
}
}
],
"category": "product_name",
"name": "Switch"
}
],
"category": "vendor",
"name": "Aruba"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco ASA (Adaptive Security Appliance)",
"product": {
"name": "Cisco ASA (Adaptive Security Appliance)",
"product_id": "T035033",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:adaptive_security_appliance:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "1540",
"product": {
"name": "Cisco Aironet Access Point 1540",
"product_id": "T016298",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:aironet_access_point_software:1540_series"
}
}
},
{
"category": "product_version",
"name": "1560",
"product": {
"name": "Cisco Aironet Access Point 1560",
"product_id": "T020457",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:aironet_access_point_software:1560_series"
}
}
},
{
"category": "product_version",
"name": "802.11ac Wave2",
"product": {
"name": "Cisco Aironet Access Point 802.11ac Wave2",
"product_id": "T035856",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:aironet_access_point_software:802.11ac_wave2"
}
}
}
],
"category": "product_name",
"name": "Aironet Access Point"
},
{
"category": "product_name",
"name": "Cisco Application Policy Infrastructure Controller",
"product": {
"name": "Cisco Application Policy Infrastructure Controller",
"product_id": "778219",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9800 Series Wireless Controllers",
"product": {
"name": "Cisco Catalyst 9800 Series Wireless Controllers",
"product_id": "T017342",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:9800_series_wireless_controllers"
}
}
},
{
"category": "product_version",
"name": "9100 Series Access Points",
"product": {
"name": "Cisco Catalyst 9100 Series Access Points",
"product_id": "T024739",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:9100_series_access_points"
}
}
},
{
"category": "product_version",
"name": "IW6300 Heavy Duty Series Access Points",
"product": {
"name": "Cisco Catalyst IW6300 Heavy Duty Series Access Points",
"product_id": "T035857",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw6300_heavy_duty_series_access_points"
}
}
},
{
"category": "product_version",
"name": "IW9165 Heavy Duty Series",
"product": {
"name": "Cisco Catalyst IW9165 Heavy Duty Series",
"product_id": "T035858",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw9165_heavy_duty_series"
}
}
},
{
"category": "product_version",
"name": "IW9165 Rugged Series",
"product": {
"name": "Cisco Catalyst IW9165 Rugged Series",
"product_id": "T035859",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw9165_rugged_series"
}
}
},
{
"category": "product_version",
"name": "IW9167 Heavy Duty Series",
"product": {
"name": "Cisco Catalyst IW9167 Heavy Duty Series",
"product_id": "T035860",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:iw9167_heavy_duty_series"
}
}
}
],
"category": "product_name",
"name": "Catalyst"
},
{
"category": "product_name",
"name": "Cisco Emergency Responder",
"product": {
"name": "Cisco Emergency Responder",
"product_id": "T030244",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:emergency_responder:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Evolved Programmable Network Manager",
"product": {
"name": "Cisco Evolved Programmable Network Manager",
"product_id": "T035899",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:evolved_programmable_network_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Expressway",
"product": {
"name": "Cisco Expressway",
"product_id": "T014329",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:expressway_software:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Firepower Chassis Manager",
"product": {
"name": "Cisco FXOS Firepower Chassis Manager",
"product_id": "T035853",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:fxos:firepower_chassis_manager"
}
}
}
],
"category": "product_name",
"name": "FXOS"
},
{
"branches": [
{
"category": "product_version",
"name": "Management Center",
"product": {
"name": "Cisco Firepower Management Center",
"product_id": "T016458",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:firepower:management_center"
}
}
},
{
"category": "product_version",
"name": "Threat Defense",
"product": {
"name": "Cisco Firepower Threat Defense",
"product_id": "T029736",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:firepower:threat_defense"
}
}
}
],
"category": "product_name",
"name": "Firepower"
},
{
"category": "product_name",
"name": "Cisco IOS XE",
"product": {
"name": "Cisco IOS XE",
"product_id": "203396",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9841",
"product": {
"name": "Cisco IP Phone 9841",
"product_id": "T035900",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ip_phone:9841"
}
}
},
{
"category": "product_version",
"name": "9851",
"product": {
"name": "Cisco IP Phone 9851",
"product_id": "T035901",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ip_phone:9851"
}
}
}
],
"category": "product_name",
"name": "IP Phone"
},
{
"category": "product_name",
"name": "Cisco Identity Services Engine (ISE)",
"product": {
"name": "Cisco Identity Services Engine (ISE)",
"product_id": "T000612",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:identity_services_engine_software:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Meeting Server",
"product": {
"name": "Cisco Meeting Server",
"product_id": "T018748",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:meeting_server:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3000",
"product": {
"name": "Cisco Nexus 3000",
"product_id": "T003851",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:3000"
}
}
},
{
"category": "product_version",
"name": "9000",
"product": {
"name": "Cisco Nexus 9000",
"product_id": "T003853",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:9000"
}
}
}
],
"category": "product_name",
"name": "Nexus"
},
{
"category": "product_name",
"name": "Cisco Nexus Dashboard",
"product": {
"name": "Cisco Nexus Dashboard",
"product_id": "1202977",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:nexus_dashboard:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Prime Infrastructure",
"product": {
"name": "Cisco Prime Infrastructure",
"product_id": "T000756",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:prime_infrastructure:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "ASR 5000",
"product": {
"name": "Cisco Router ASR 5000",
"product_id": "T004611",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:router:asr_5000"
}
}
}
],
"category": "product_name",
"name": "Router"
},
{
"category": "product_name",
"name": "Cisco Secure Email Gateway",
"product": {
"name": "Cisco Secure Email Gateway",
"product_id": "1269011",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_email_gateway:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Secure Web Appliance",
"product": {
"name": "Cisco Secure Web Appliance",
"product_id": "T034850",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_web_appliance:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Smart Software Manager On-Prem",
"product": {
"name": "Cisco Smart Software Manager On-Prem",
"product_id": "T035854",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:smart_software_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Video Communication Server",
"product": {
"name": "Cisco TelePresence Video Communication Server",
"product_id": "T018121",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:telepresence:video_communication_server"
}
}
}
],
"category": "product_name",
"name": "TelePresence"
},
{
"category": "product_name",
"name": "Cisco Unified Communications Manager (CUCM)",
"product": {
"name": "Cisco Unified Communications Manager (CUCM)",
"product_id": "T030240",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_communications_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Contact Center Express (UCCX)",
"product": {
"name": "Cisco Unified Contact Center Express (UCCX)",
"product_id": "915286",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_contact_center_express:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unity Connection",
"product": {
"name": "Cisco Unity Connection",
"product_id": "T030242",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unity_connection:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "6300 Series Embedded",
"product": {
"name": "Cisco Wireless Access Point 6300 Series Embedded",
"product_id": "T035855",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:wap:6300_series_embedded"
}
}
}
],
"category": "product_name",
"name": "Wireless Access Point"
}
],
"category": "vendor",
"name": "Cisco"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Gen5a \u003cHotfix 338868",
"product": {
"name": "Dell Avamar Gen5a \u003cHotfix 338868",
"product_id": "T042429"
}
},
{
"category": "product_version",
"name": "Gen5a Hotfix 338868",
"product": {
"name": "Dell Avamar Gen5a Hotfix 338868",
"product_id": "T042429-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:gen5a__hotfix_338868"
}
}
}
],
"category": "product_name",
"name": "Avamar"
},
{
"category": "product_name",
"name": "Dell PowerScale",
"product": {
"name": "Dell PowerScale",
"product_id": "T034610",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerscale_onefs:onefs"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.00.00.173",
"product": {
"name": "Dell integrated Dell Remote Access Controller \u003c7.00.00.173",
"product_id": "T036911"
}
},
{
"category": "product_version",
"name": "7.00.00.173",
"product": {
"name": "Dell integrated Dell Remote Access Controller 7.00.00.173",
"product_id": "T036911-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:dell:idrac:7.00.00.173"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.50.10",
"product": {
"name": "Dell integrated Dell Remote Access Controller \u003c7.10.50.10",
"product_id": "T036912"
}
},
{
"category": "product_version",
"name": "7.10.50.10",
"product": {
"name": "Dell integrated Dell Remote Access Controller 7.10.50.10",
"product_id": "T036912-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:dell:idrac:7.10.50.10"
}
}
}
],
"category": "product_name",
"name": "integrated Dell Remote Access Controller"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Fortinet FortiAnalyzer",
"product": {
"name": "Fortinet FortiAnalyzer",
"product_id": "T022516",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortianalyzer:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiAuthenticator",
"product": {
"name": "Fortinet FortiAuthenticator",
"product_id": "1002224",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortiauthenticator:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiMail",
"product": {
"name": "Fortinet FortiMail",
"product_id": "T022518",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortimail:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiManager",
"product": {
"name": "Fortinet FortiManager",
"product_id": "T003827",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortimanager:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiVoice",
"product": {
"name": "Fortinet FortiVoice",
"product_id": "T037588",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortivoice:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiWeb",
"product": {
"name": "Fortinet FortiWeb",
"product_id": "T037589",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:fortiweb:-"
}
}
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c16.0.2",
"product": {
"name": "HAProxy ALOHA \u003c16.0.2",
"product_id": "T035886"
}
},
{
"category": "product_version",
"name": "16.0.2",
"product": {
"name": "HAProxy ALOHA 16.0.2",
"product_id": "T035886-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:haproxy:aloha:16.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.5.12",
"product": {
"name": "HAProxy ALOHA \u003c15.5.12",
"product_id": "T035887"
}
},
{
"category": "product_version",
"name": "15.5.12",
"product": {
"name": "HAProxy ALOHA 15.5.12",
"product_id": "T035887-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:haproxy:aloha:15.5.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14.5.23",
"product": {
"name": "HAProxy ALOHA \u003c14.5.23",
"product_id": "T035888"
}
},
{
"category": "product_version",
"name": "14.5.23",
"product": {
"name": "HAProxy ALOHA 14.5.23",
"product_id": "T035888-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:haproxy:aloha:14.5.23"
}
}
}
],
"category": "product_name",
"name": "ALOHA"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024-07-04",
"product": {
"name": "HAProxy HAProxy \u003c2024-07-04",
"product_id": "T035889"
}
},
{
"category": "product_version",
"name": "2024-07-04",
"product": {
"name": "HAProxy HAProxy 2024-07-04",
"product_id": "T035889-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:haproxy:haproxy:2024-07-04"
}
}
}
],
"category": "product_name",
"name": "HAProxy"
}
],
"category": "vendor",
"name": "HAProxy"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "sshd \u003cA.09.30.007",
"product": {
"name": "HPE HP-UX sshd \u003cA.09.30.007",
"product_id": "T038630"
}
},
{
"category": "product_version",
"name": "sshd A.09.30.007",
"product": {
"name": "HPE HP-UX sshd A.09.30.007",
"product_id": "T038630-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:hp:hp-ux:sshd__a.09.30.007"
}
}
}
],
"category": "product_name",
"name": "HP-UX"
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "Huawei AC6805",
"product": {
"name": "Huawei AC6805",
"product_id": "T036448",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:ac6805_firmware:-"
}
}
},
{
"category": "product_name",
"name": "Huawei AirEngine",
"product": {
"name": "Huawei AirEngine",
"product_id": "T036449",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:airengine:-"
}
}
},
{
"category": "product_name",
"name": "Huawei CloudEngine",
"product": {
"name": "Huawei CloudEngine",
"product_id": "T036450",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:cloudengine:-"
}
}
},
{
"category": "product_name",
"name": "Huawei FusionServer Pro",
"product": {
"name": "Huawei FusionServer Pro",
"product_id": "T036451",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:fusionserver_pro:-"
}
}
},
{
"category": "product_name",
"name": "Huawei NetEngine",
"product": {
"name": "Huawei NetEngine",
"product_id": "T036455",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:netengine:-"
}
}
},
{
"category": "product_name",
"name": "Huawei OceanStor",
"product": {
"name": "Huawei OceanStor",
"product_id": "516536",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:oceanstor_uds:-"
}
}
},
{
"category": "product_name",
"name": "Huawei Router",
"product": {
"name": "Huawei Router",
"product_id": "T034372",
"product_identification_helper": {
"cpe": "cpe:/h:huawei:router:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE Fabric",
"product": {
"name": "Huawei iMaster NCE Fabric",
"product_id": "T036454",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce-fabric:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE FabricInsight",
"product": {
"name": "Huawei iMaster NCE FabricInsight",
"product_id": "T031541",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce_fabricinsight:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE-Campus",
"product": {
"name": "Huawei iMaster NCE-Campus",
"product_id": "T036452",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce-campus:-"
}
}
},
{
"category": "product_name",
"name": "Huawei iMaster NCE-CampusInsight",
"product": {
"name": "Huawei iMaster NCE-CampusInsight",
"product_id": "T036453",
"product_identification_helper": {
"cpe": "cpe:/a:huawei:imaster_nce-campusinsight:-"
}
}
}
],
"category": "vendor",
"name": "Huawei"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM AIX 3.1",
"product_id": "30380",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:3.1"
}
}
},
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM AIX 4.1",
"product_id": "30388",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:4.1"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version",
"name": "Cloud Pak",
"product": {
"name": "IBM DB2 Cloud Pak",
"product_id": "T036672",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:cloud_pak"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T020642",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "12",
"product": {
"name": "IBM Security Guardium 12.0",
"product_id": "T031092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.0"
}
}
},
{
"category": "product_version",
"name": "12.1",
"product": {
"name": "IBM Security Guardium 12.1",
"product_id": "T041237",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:12.1"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
},
{
"category": "product_name",
"name": "IBM Storwize",
"product": {
"name": "IBM Storwize",
"product_id": "T021621",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storwize:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.4.2",
"product": {
"name": "IGEL OS \u003c12.4.2",
"product_id": "T035571"
}
},
{
"category": "product_version",
"name": "12.4.2",
"product": {
"name": "IGEL OS 12.4.2",
"product_id": "T035571-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:12.4.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.10.150",
"product": {
"name": "IGEL OS \u003c11.10.150",
"product_id": "T035572"
}
},
{
"category": "product_version",
"name": "11.10.150",
"product": {
"name": "IGEL OS 11.10.150",
"product_id": "T035572-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:11.10.150"
}
}
}
],
"category": "product_name",
"name": "OS"
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.2R2",
"product": {
"name": "Juniper JUNOS \u003c24.2R2",
"product_id": "T037895"
}
},
{
"category": "product_version",
"name": "24.2R2",
"product": {
"name": "Juniper JUNOS 24.2R2",
"product_id": "T037895-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.2R2-EVO",
"product": {
"name": "Juniper JUNOS \u003c24.2R2-EVO",
"product_id": "T037905"
}
},
{
"category": "product_version",
"name": "24.2R2-EVO",
"product": {
"name": "Juniper JUNOS 24.2R2-EVO",
"product_id": "T037905-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r2-evo"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.2R1-S2",
"product": {
"name": "Juniper JUNOS \u003c24.2R1-S2",
"product_id": "T040069"
}
},
{
"category": "product_version",
"name": "24.2R1-S2",
"product": {
"name": "Juniper JUNOS 24.2R1-S2",
"product_id": "T040069-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r1-s2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.4R1",
"product": {
"name": "Juniper JUNOS \u003c24.4R1",
"product_id": "T040070"
}
},
{
"category": "product_version",
"name": "24.4R1",
"product": {
"name": "Juniper JUNOS 24.4R1",
"product_id": "T040070-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.4r1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.2R1-S2-EVO",
"product": {
"name": "Juniper JUNOS \u003c24.2R1-S2-EVO",
"product_id": "T040071"
}
},
{
"category": "product_version",
"name": "24.2R1-S2-EVO",
"product": {
"name": "Juniper JUNOS 24.2R1-S2-EVO",
"product_id": "T040071-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.2r1-s2-evo"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.4R1-EVO",
"product": {
"name": "Juniper JUNOS \u003c24.4R1-EVO",
"product_id": "T040072"
}
},
{
"category": "product_version",
"name": "24.4R1-EVO",
"product": {
"name": "Juniper JUNOS 24.4R1-EVO",
"product_id": "T040072-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:24.4r1-evo"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV7.08.014",
"product": {
"name": "Meinberg LANTIME \u003cV7.08.014",
"product_id": "T036396"
}
},
{
"category": "product_version",
"name": "V7.08.014",
"product": {
"name": "Meinberg LANTIME V7.08.014",
"product_id": "T036396-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:v7.08.014"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "EDR-8010 \u003c3.12",
"product": {
"name": "Moxa Router EDR-8010 \u003c3.12",
"product_id": "T036563"
}
},
{
"category": "product_version",
"name": "EDR-8010 3.12",
"product": {
"name": "Moxa Router EDR-8010 3.12",
"product_id": "T036563-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:edr-8010__3.12"
}
}
},
{
"category": "product_version_range",
"name": "EDR-G9010 \u003c3.12",
"product": {
"name": "Moxa Router EDR-G9010 \u003c3.12",
"product_id": "T036564"
}
},
{
"category": "product_version",
"name": "EDR-G9010 3.12",
"product": {
"name": "Moxa Router EDR-G9010 3.12",
"product_id": "T036564-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:edr-g9010__3.12"
}
}
},
{
"category": "product_version_range",
"name": "OnCell G4302-LTE4 \u003c3.12",
"product": {
"name": "Moxa Router OnCell G4302-LTE4 \u003c3.12",
"product_id": "T036565"
}
},
{
"category": "product_version",
"name": "OnCell G4302-LTE4 3.12",
"product": {
"name": "Moxa Router OnCell G4302-LTE4 3.12",
"product_id": "T036565-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:oncell_g4302-lte4__3.12"
}
}
},
{
"category": "product_name",
"name": "Moxa Router",
"product": {
"name": "Moxa Router",
"product_id": "T042271",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:-"
}
}
}
],
"category": "product_name",
"name": "Router"
}
],
"category": "vendor",
"name": "Moxa"
},
{
"branches": [
{
"category": "product_name",
"name": "NetBSD Foundation NetBSD OS",
"product": {
"name": "NetBSD Foundation NetBSD OS",
"product_id": "7660",
"product_identification_helper": {
"cpe": "cpe:/o:netbsd:netbsd:-"
}
}
}
],
"category": "vendor",
"name": "NetBSD Foundation"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "SaaS platform \u003c2024-07",
"product": {
"name": "OTRS OTRS SaaS platform \u003c2024-07",
"product_id": "T036136"
}
},
{
"category": "product_version",
"name": "SaaS platform 2024-07",
"product": {
"name": "OTRS OTRS SaaS platform 2024-07",
"product_id": "T036136-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:otrs:otrs:2024-07::saas_platform"
}
}
}
],
"category": "product_name",
"name": "OTRS"
}
],
"category": "vendor",
"name": "OTRS"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.8p1",
"product": {
"name": "Open Source OpenSSH \u003c9.8p1",
"product_id": "T035701"
}
},
{
"category": "product_version",
"name": "9.8p1",
"product": {
"name": "Open Source OpenSSH 9.8p1",
"product_id": "T035701-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openssh:9.8p1"
}
}
},
{
"category": "product_version_range",
"name": "\u003e=8.5p1",
"product": {
"name": "Open Source OpenSSH \u003e=8.5p1",
"product_id": "T035702"
}
},
{
"category": "product_version_range",
"name": "\u003e=8.5p1",
"product": {
"name": "Open Source OpenSSH \u003e=8.5p1",
"product_id": "T035702-fixed"
}
}
],
"category": "product_name",
"name": "OpenSSH"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.9.3",
"product": {
"name": "Phoenix Contact FL MGUARD \u003c8.9.3",
"product_id": "T037367"
}
},
{
"category": "product_version",
"name": "8.9.3",
"product": {
"name": "Phoenix Contact FL MGUARD 8.9.3",
"product_id": "T037367-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:phoenixcontact:fl_mguard:8.9.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.1",
"product": {
"name": "Phoenix Contact FL MGUARD \u003c10.4.1",
"product_id": "T037368"
}
},
{
"category": "product_version",
"name": "10.4.1",
"product": {
"name": "Phoenix Contact FL MGUARD 10.4.1",
"product_id": "T037368-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:phoenixcontact:fl_mguard:10.4.1"
}
}
}
],
"category": "product_name",
"name": "FL MGUARD"
}
],
"category": "vendor",
"name": "Phoenix Contact"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "QNAP NAS",
"product": {
"name": "QNAP NAS",
"product_id": "T017100",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:-"
}
}
},
{
"category": "product_version",
"name": "QES 2.2.0",
"product": {
"name": "QNAP NAS QES 2.2.0",
"product_id": "T044421",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:qes_2.2.0"
}
}
}
],
"category": "product_name",
"name": "NAS"
}
],
"category": "vendor",
"name": "QNAP"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.6.5.1",
"product": {
"name": "Securepoint UTM \u003c12.6.5.1",
"product_id": "T035805"
}
},
{
"category": "product_version",
"name": "12.6.5.1",
"product": {
"name": "Securepoint UTM 12.6.5.1",
"product_id": "T035805-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:securepoint:unified_threat_management:12.6.5.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.7.2",
"product": {
"name": "Securepoint UTM \u003c12.7.2",
"product_id": "T036885"
}
},
{
"category": "product_version",
"name": "12.7.2",
"product": {
"name": "Securepoint UTM 12.7.2",
"product_id": "T036885-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:securepoint:unified_threat_management:12.7.2"
}
}
}
],
"category": "product_name",
"name": "UTM"
}
],
"category": "vendor",
"name": "Securepoint"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1500 CPU",
"product": {
"name": "Siemens SIMATIC S7 1500 CPU",
"product_id": "T025776",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:1500_cpu"
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7"
}
],
"category": "vendor",
"name": "Siemens"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "WatchGuard Firebox",
"product": {
"name": "WatchGuard Firebox",
"product_id": "T030882",
"product_identification_helper": {
"cpe": "cpe:/a:watchguard:firebox:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.10.4 Update 1",
"product": {
"name": "WatchGuard Firebox \u003c12.10.4 Update 1",
"product_id": "T036460"
}
},
{
"category": "product_version",
"name": "12.10.4 Update 1",
"product": {
"name": "WatchGuard Firebox 12.10.4 Update 1",
"product_id": "T036460-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:watchguard:firebox:12.10.4_update_1"
}
}
}
],
"category": "product_name",
"name": "Firebox"
}
],
"category": "vendor",
"name": "WatchGuard"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6387",
"product_status": {
"known_affected": [
]
},
"release_date": "2024-06-30T22:00:00.000+00:00",
"title": "CVE-2024-6387"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.