Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 44 subscribers
  • Views 10218 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795

Manoj Pathak

in recent scanning, we received "SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)" vulnerability on port 22.

just use this command in nmap "nmap -sV -p 22 --script ssh2-enum-algos 192.168.xxx.xxx"

if it shows "chacha20-poly1305@openssh.com" or any this with "-etm" then it will enables the Terrapin Attack.

i had latest firmware version SFOS 20.0.0 GA-Build222.

will it get patch or need to do anything manually.

.



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Vivek Jagad

    hope  v20.0.2 MR-2 will get release soon. also kindly inform to your developer team that atleast  v20.0.2 MR-2 will not create any issue to update firmware to firewall. as version SFOS 20.0.0 GA-Build222 cause issue for update due to DHCP and to get update this firmware we have to disable the DHCP in firewall.

    if possible can you provide any approx. date for the release of  v20.0.2 MR-2 firmware.

Children
Unfiltered HTML