
CVE-2023-28531 Report - Details, Severity, & Advisories

Twingate Team

May 30, 2024

What is CVE-2023-28531?

CVE-2023-28531 is a critical vulnerability with a severity score of 9.8, affecting OpenSSH before version 9.3 in various systems and products. This vulnerability can lead to the disclosure of sensitive information, data modification, or even denial of service (DoS) attacks. Systems running affected software configurations, such as Fedora 38, Gentoo's "net-misc/openssh" package, and multiple NetApp products, are at risk. It is crucial for users to update their systems to the latest OpenSSH version to mitigate this vulnerability.

Who is impacted?

The CVE-2023-28531 vulnerability affects users of OpenSSH before version 9.3, including those using Fedora 38, Gentoo's "net-misc/openssh" package, and multiple NetApp products such as Brocade Fabric Operating System, HCI Bootstrap OS, and SolidFire Element OS. Debian users who add smartcard keys to the ssh-agent with per-hop destination constraints are also impacted. In summary, if you're using OpenSSH versions from 8.9 up to, but not including, 9.3, or any version of the mentioned NetApp products, your system is at risk.

What to do if CVE-2023-28531 affects you

If you're affected by the CVE-2023-28531 vulnerability, it's crucial to update your system to the latest OpenSSH version. Here's a simplified step-by-step guide:

  1. For Fedora 38 users, run the command: su -c 'dnf upgrade --advisory FEDORA-2024-2aac54ebb7'

  2. For Gentoo users, upgrade to OpenSSH version 9.3_p2 or above by following the instructions on the Gentoo security page.

  3. For NetApp product users, monitor the NetApp security advisory for updates and patches.

  4. For Debian users, upgrade the openssh packages as recommended on the Debian security update page.
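Before applying the distribution-specific steps above, it helps to know whether an installed client even falls inside the version window named under "Who is impacted?" (8.9 up to, but not including, 9.3). The following POSIX shell script is an added example written for this report, not a tool from the page or from the OpenSSH project: it parses the banner that `ssh -V` prints (a string such as "OpenSSH_9.2p1 Debian-2+deb12u2, OpenSSL ...", constructed here for illustration) and classifies it against that range. The function names and the three verdict strings are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the report or from OpenSSH): classify an
# `ssh -V` banner against the CVE-2023-28531 affected range stated in
# the report, 8.9 <= version < 9.3.  Note that `ssh -V` writes its
# banner to stderr, hence the 2>&1 in the --local branch below.

# Extract "MAJOR MINOR" from a banner such as
# "OpenSSH_9.2p1 Debian-2+deb12u2, OpenSSL 3.0.11 19 Sep 2023".
# Prints nothing if the banner does not start with OpenSSH_X.Y.
openssh_major_minor() {
    printf '%s\n' "$1" | sed -n 's/^OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p'
}

# Exit status: 0 = inside the affected range, 1 = outside it,
# 2 = banner could not be parsed.
openssh_in_affected_range() {
    mm=$(openssh_major_minor "$1")
    [ -n "$mm" ] || return 2
    major=${mm% *}
    minor=${mm#* }
    # Fold MAJOR.MINOR into one integer so 8.9 -> 809 and 9.3 -> 903,
    # which makes the range comparison a plain integer test.
    code=$((major * 100 + minor))
    if [ "$code" -ge 809 ] && [ "$code" -lt 903 ]; then
        return 0
    fi
    return 1
}

# Human-readable verdict for one banner string.  The `|| rc=$?` form
# keeps the non-zero status from tripping `set -e` in callers.
classify_banner() {
    rc=0
    openssh_in_affected_range "$1" || rc=$?
    case $rc in
        0) echo "AFFECTED-RANGE" ;;
        1) echo "OUTSIDE-RANGE" ;;
        *) echo "UNKNOWN" ;;
    esac
}

# Stand-alone use: `sh check-openssh.sh --local` classifies the
# client installed on this host.
if [ "${1:-}" = "--local" ]; then
    banner=$(ssh -V 2>&1)
    echo "$banner -> $(classify_banner "$banner")"
fi
```

Treat "AFFECTED-RANGE" as a prompt to check the vendor advisory rather than as a final verdict: distributions such as Debian and Fedora ship backported fixes that leave the upstream major.minor unchanged, so the package changelog or the advisory identifiers listed in the steps above (for example the Fedora advisory named in step 1) are the authoritative signal that the fix is installed.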

Is it in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-28531 vulnerability is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. This vulnerability, named "ssh-add in OpenSSH before 9.3," was added to the catalog on March 17, 2023. There is no specific due date provided, but users are advised to update their OpenSSH software to version 9.3 or later to mitigate the vulnerability and protect their systems.

Weakness Enumeration

The weakness enumeration for this vulnerability is recorded as CWE "Insufficient Information", meaning the entry does not assign a specific CWE and gives no detail about the weakness type or its mitigation.

Learn More

CVE-2023-28531 is a critical vulnerability affecting OpenSSH before version 9.3, with severe consequences if exploited. To better understand the vulnerability and its implications, consult the NVD page and the following resources:
