Hello,
please provide information about whether XG(S) firewalls are affected somehow.
https://www.sophos.com/en-us/security-advisories does not provide anything about it.
Thanks,
Fred12
Hi Fred12,
Thank you for reaching out to the community. The OpenSSH server on SFOS is not affected.
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Technical Support, Global Customer Experience
Hello,
Running the "sshd -v" command while connected to a firewall running SFOS v20 outputs this:
XGS126_XN02_SFOS 20.0.0 GA-Build222# sshd -v
2024-07-04 12:14:51Z unknown option -- v
OpenSSH , OpenSSL 1.1.1q 5 Jul 2022
usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-o option] [-p port] [-u len]
XGS126_XN02_SFOS 20.0.0 GA-Build222#
Now I know that 1.1.1q is the version of OpenSSL, but still, it was released back in 2022. It wouldn't be too far-fetched to assume that OpenSSH is also running a version from 2022?
Assuming that the build of OpenSSH used in SFOS is vanilla, and since all versions since 2020 are vulnerable, that would make SFOS's OpenSSH version also vulnerable, wouldn't it?
Thank you