Skip to main content

OpenSSH Remote Code Execution Vulnerability

Last Update Date: 5 Jul 2024 Release Date: 2 Jul 2024 4256 Views

RISK: High Risk

TYPE: Servers - Network Management

TYPE: Network Management

A vulnerability was identified in OpenSSH. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

CVE-2024-6387 affected sshd(8) was present in Portable OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary code execution with root privileges.

 

[Updated on 2024-07-05]

Updated System / Technologies affected, Solutions, Source and Related Links.


Impact

  • Remote Code Execution

System / Technologies affected

  • OpenSSH versions between 8.5p1 and 9.7p1 (inclusive)

 

[Updated on 2024-07-05]

For Cisco Products

For detail, please refer to the links below:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendors have issued fixes:

 

https://www.openssh.com/txt/release-9.8

 

[Updated on 2024-07-05]

For Cisco Products

For detail, please refer to the links below:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024


Vulnerability Identifier


Source


Related Link