Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

  1. Kemp Support
  2. Knowledge Base
  3. Flowmon General
  4. Flowmon OS

Vulnerability CVE-2023-38408

Updated

 

Information

 

Summary:

Details about vulnerability CVE-2023-38408.
Environment:

Product: Flowmon OS

Version: Any

Platform: Any
Question/Problem Description:

Is the Flowmon OS affected by vulnerability CVE-2023-38408?
Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution: Remote exploitation required that a user establishes an SSH connection to a compromised or malicious SSH server with agent forwarding enabled. The agent forwarding is disabled by default.
 
Flowmon OS has agent forwarding disabled so it is not vulnerable. Can be checked with:
grep -Ri "ForwardAgent" /etc/ssh/

Expected output:

/etc/ssh/ssh_config:#   ForwardAgent no
Workaround:  
Notes:

https://access.redhat.com/security/cve/cve-2023-38408

https://access.redhat.com/errata/RHSA-2023:4382
Was this article helpful?
0 out of 0 found this helpful

Comments

In this document