Security Bulletin #1100 - REVISED
Subject: Trend Micro TippingPoint Product Advisory for CVE-2024-6387 (regreSSHion)
Date of Announcement: July 3, 2024

Summary
On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed a vulnerability impacting OpenSSH server (sshd) on Linux-based systems. Further details can be found at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387; additional technical details can be found in the Qualys Security Advisory.

TippingPoint Product Impact:

TippingPoint SMS Mitigation Options:
Limit / Restricted Network Access: A secure management network should be used with appropriate access controls to restrict access to only authorized hosts.

Temporarily Disable Access via SSH: This prevents CLI access via SSH by disabling TCP/22 inbound to the SMS server. The CLI can still be accessed via a serial console or keyboard/monitor.

NOTE: SSH access can be disabled via the SMS Java client, Admin > Server Properties.
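
One way to confirm that either mitigation took effect is to probe TCP/22 on the SMS server from a host that should no longer have access. The script below is an added example, not Trend Micro code; the function names and the default 3-second timeout are assumptions made for illustration.

```python
import re
import socket
import sys

# RFC 4253 identification string, e.g. "SSH-2.0-OpenSSH_x.y vendor-comment"
_IDENT = re.compile(r"^SSH-(\d+\.\d+)-(\S+)")


def check_ssh_exposure(host, port=22, timeout=3.0):
    """Try a TCP connect to host:port and report whether an SSH service answers."""
    result = {"host": host, "port": port, "reachable": False,
              "banner": None, "software": None}
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            result["reachable"] = True
            sock.settimeout(timeout)
            try:
                data = sock.recv(512)
            except OSError:          # open port that never sent a banner
                data = b""
    except OSError:                  # refused, filtered or timed out
        return result
    # A server may send other lines before its identification string.
    for raw in data.splitlines():
        line = raw.decode("ascii", "replace").strip()
        match = _IDENT.match(line)
        if match:
            result["banner"] = line
            result["software"] = match.group(2)
            break
    return result


def audit(hosts, port=22, timeout=3.0):
    """Return one finding per host on which the port still accepts connections."""
    findings = []
    for host in hosts:
        result = check_ssh_exposure(host, port, timeout)
        if result["reachable"]:
            findings.append(result)
    return findings


if __name__ == "__main__":
    # Usage: python3 check_sms_ssh.py <sms-address> [<sms-address> ...]
    exposed = audit(sys.argv[1:])
    for f in exposed:
        print(f"{f['host']}:{f['port']} still reachable, banner={f['banner']!r}")
    sys.exit(1 if exposed else 0)
```

Run it from outside the management network and from an unauthorized host inside it; an empty result means the access control or the SSH disablement is blocking that path. The reported banner is informational only and does not show whether a patch or hotfix is installed.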

Resolution:
Trend Micro has released patches and hotfixes for all supported SMS versions impacted by this vulnerability, per the table below:

Note: SMS v6.1.0 and SMS v5.5.4 must have their associated patch installed before installing the hotfix.