OpenSSH CVE-2023-48795 Vulnerability Response Note (January 23, 2024)

Summary

Vulnerability CVE-2023-48795 (Terrapin attack) has been discovered in OpenSSH, an implementation of the SSH protocol suite used in HYCU for Enterprise Clouds. Customers using HYCU for Enterprise Clouds are recommended to take the actions listed below as a safety precaution.

Date of publication

January 23rd 2024

Description

Vulnerability CVE-2023-48795 has been discovered in OpenSSH. SSH protocol is prone to a prefix truncation attack, which allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol and deleting an equal number of consecutive messages immediately after encryption starts ("Terrapin attack").

Impact

The attacker can reduce the security of SSH by using a downgrade attack via man-in-the-middle interception during protocol negotiation.

Mitigation

Please login to the HYCU console and execute the following steps

  • Update
    /etc/crypto-policies/policies/modules/HYCU.pmod
    by appending
    -CHACHA20-POLY1305
    to section
    cipher@SSH
  • Reload crypto policies by running command
    update-crypto-policies
  • Restart SSH service by running command
    systemctl restart sshd

This will eliminate any exposure to vulnerability CVE-2023-48795.

Reference

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.