Vulnerability Description
An unauthenticated Remote Code Execution (RCE) vulnerability has been discovered in OpenSSH’s server (sshd), affecting glibc-based Linux systems. This critical vulnerability, designated CVE-2024-6387 and named regreSSHion, allows attackers to gain full root access without any user interaction.
Vulnerability Details
Publication Date: July 2, 2024
CTERA CVSS Score: 8.1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected CTERA Products
- CTERA Edge Filer (Only Versions 7.8.4300.3 through 7.8.4300.6 with SSH enabled)
Analysis
The vulnerability is only exploitable if SSH was enabled for debugging purposes (note that SSH is NOT enabled by default). Earlier versions are not affected.
No CTERA products other than the specific CTERA Edge Filer versions listed above are affected.
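A triage helper for the exposure conditions stated above (affected version range AND debug SSH enabled), added here as an example and not CTERA's own tooling; the inventory format, hostnames and the padding of short version strings are assumptions:

```python
import re
from typing import List, Tuple

# Affected range taken from the advisory above (inclusive at both ends).
AFFECTED_MIN = (7, 8, 4300, 3)
AFFECTED_MAX = (7, 8, 4300, 6)


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted version string such as '7.8.4300.5' into a 4-int tuple.

    Numeric comparison matters: a plain string compare would rank '7.8.4300.10'
    below '7.8.4300.6', which is wrong. Missing trailing components are padded
    with zeros (an assumption; adjust if your inventory reports versions otherwise).
    """
    cleaned = version.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", cleaned):
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = tuple(int(p) for p in cleaned.split("."))
    return (parts + (0, 0, 0, 0))[:4]


def is_affected(version: str, ssh_enabled: bool) -> bool:
    """True only when the version is in the advisory's range AND debug SSH is on."""
    return ssh_enabled and AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def triage(inventory: List[Tuple[str, str, bool]]) -> List[Tuple[str, str]]:
    """Return (host, version) pairs that still need the stopSSHD workaround."""
    return [(host, ver) for host, ver, ssh in inventory if is_affected(ver, ssh)]


if __name__ == "__main__":
    # Constructed sample inventory: (hostname, version, debug SSH enabled?)
    sample = [
        ("filer-a", "7.8.4300.5", True),   # in range, SSH on -> needs workaround
        ("filer-b", "7.8.4300.5", False),  # in range but SSH off -> not exploitable
        ("filer-c", "7.8.4300.2", True),   # earlier version -> not affected
        ("filer-d", "7.8.4300.10", True),  # outside the stated range; numeric compare keeps it out
    ]
    for host, ver in triage(sample):
        print(f"{host} ({ver}): run 'exec /config/device stopSSHD' until the fix ships")
```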
Workaround
To mitigate the vulnerability, users should disable debug SSH, if it is enabled, by executing the following CLI command:
exec /config/device stopSSHD
See Execute CLI Commands from the Administrator User Interface for details on how to run this CLI command from the edge filer interface.
Permanent Solution
A new edge filer software version will be provided within a few days to ensure the safe use of SSH.
CTERA recommends applying this software update as soon as it becomes available to maintain security and operational integrity.
For any further assistance or inquiries, please contact CTERA support.