Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

CVE vulnerability guide to Flowmon

 

Information

 

Summary:

How to determine whether a RedHat vulerability hotfix has been implemented into Flowmon when lookin for a specific CVE

Environment:

Product: Flowmon

Version: 11.x, 12.x

Platform: Any

Question/Problem Description:

How to determine whether a RedHat vulerability hotfix has been already implemented into Flowmon

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

First of all, it is important to underline that any vulnerability scan (ie Nessus scanning) should be run using only the latest stable version of Flowmon. Only scans of the lastest stable version are relevant.

The findings in the scan are usually organized into different CVEs. We can then look them up on the RedHat customer portal to look for further resources.

EXAMPLE USE:

Let's use the CVE-2023-38408 as an example of vulnerability I want to research and check whether it is a vulberability Flowmon is affected by.

The CVE-2023-38408 is a very serious vulnerability found in OpenSSH that affects various Linux systems. This vulnerability allows the attacker to execute code remotely, so it is important to determe whether my systems are affected by this.

If I look it up on the RedHat website, I will end up on this article: https://access.redhat.com/security/cve/cve-2023-38408

Since Flowmon uses CentOS 7, I want to chose "Red Hat Enterprise Linux 7" in the "Affected Packages and Issued Red Hat Security Errata" section. Then I will click the errata link -> updated packages.

Now let's check the RPM package list using the SSH console of the Flowmon appliance. This command will look for any package that mentions "openssh":

$ rpm -qa | grep openssh

This will return the following list:

openssh-server-7.4p1-23.el7_9.x86_64
openssh-7.4p1-23.el7_9.x86_64
openssh-clients-7.4p1-23.el7_9.x86_64

Then I can look for these packages on the RedHat errata page package list. Since these match, it means that the fix is already implemented into the latest stable version of Flowmon and I don't need to be concerned about this vulnerability with regards to my Flowmon appliance.

Workaround:  
Notes:  

 


Was this article helpful?
0 out of 0 found this helpful

Comments