OpenSSH Vulnerability CVE-2024-6387 (regreSSHion)

Vulnerability Description

An unauthenticated Remote Code Execution (RCE) vulnerability has been discovered in OpenSSH’s server (sshd), affecting glibc-based Linux systems. This critical vulnerability, designated CVE-2024-6387 and named regreSSHion, allows attackers to gain full root access without any user interaction. 

Vulnerability Details

Publication Date: July 2, 2024

CTERA CVSS Score: 8.1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected CTERA Products

  • CTERA Edge Filer (Only Versions 7.8.4300.3 through 7.8.4300.6 with SSH enabled)

Analysis

This vulnerability is exploitable only if SSH was enabled for debugging purposes (note that SSH is NOT enabled by default). Earlier versions are not impacted.

All CTERA products other than the specific CTERA Edge Filer versions listed above are not affected.

Workaround

To mitigate the vulnerability, users should disable debugging SSH, if it is enabled, by executing the following CLI command:

exec /config/device stopSSHD

See Execute CLI Commands from the Administrator User Interface for details on how to run this CLI command from the edge filer interface.

Permanent Solution

A new edge filer software version will be provided within a few days to ensure the safe use of SSH.

CTERA recommends applying this software update as soon as it becomes available to maintain security and operational integrity.

For any further assistance or inquiries, please contact CTERA support.
