Summary
Vulnerability CVE-2023-48795 (Terrapin attack) has been discovered in OpenSSH, an implementation of the SSH protocol suite used in HYCU for Enterprise Clouds. Customers using HYCU for Enterprise Clouds are recommended to take the actions listed below as a safety precaution.
Date of publication
January 23rd 2024
Description
Vulnerability CVE-2023-48795 has been discovered in OpenSSH. SSH protocol is prone to a prefix truncation attack, which allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol and deleting an equal number of consecutive messages immediately after encryption starts ("Terrapin attack").
Impact
The attacker can reduce the security of SSH by using a downgrade attack via man-in-the-middle interception during protocol negotiation.
Mitigation
Please login to the HYCU console and execute the following steps
- Update
/etc/crypto-policies/policies/modules/HYCU.pmod
by appending
-CHACHA20-POLY1305
to section
cipher@SSH - Reload crypto policies by running command
update-crypto-policies - Restart SSH service by running command
systemctl restart sshd
This will eliminate any exposure to vulnerability CVE-2023-48795.
Comments
Please sign in to leave a comment.