Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

CVE-2023-48795 Ciphers negotiated for OpenSSH connections

 

Information

 

Summary:

SSH transport protocol with certain OpenSSH  extensions allow remote attackers to bypass integrity checks causing some packets to be omitted from negotiation.

This has been found in any OpenSSH versions before 9.6.

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:

CVE-2023-48795 vulnerability

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

The following affected ciphers are not available on the LMOS for server or client.

  • ChaCha20-Poly1305

  • any aes(128|192|256)-cbc ciphers

Workaround:

 

Notes: https://nvd.nist.gov/vuln/detail/CVE-2023-48795

Was this article helpful?
0 out of 0 found this helpful

Comments