Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Vulnerability CVE-2023-48795

 

Information

 

Summary:

Details about vulnerability CVE-2023-48795.

Environment:

Product: Flowmon OS

Version: Any

Platform: Any

Question/Problem Description:

Is the Flowmon OS affected by vulnerability CVE-2023-48795?

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.

Flowmon is affected, but the severity is very low. The most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before SSH authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or integrity.

The solution of this CVE will be present in Flowmon OS 13. It is also possible to mitigate the CVE by installing the hotfix package in Configuration Center - Versions - Import package in Flowmon OS 12.

Workaround:  
Notes:

https://access.redhat.com/security/cve/cve-2023-48795


Was this article helpful?
0 out of 0 found this helpful

Comments