Security Bulletin #1100 - REVISED
Subject: Trend Micro TippingPoint Product Advisory for CVE-2024-6387 (regreSSHion)
Date of Announcement: July 3, 2024
Summary
On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed CVE-2024-6387, nicknamed "regreSSHion", a signal handler race condition in the OpenSSH server (sshd) on glibc-based Linux systems. Successful exploitation can give an unauthenticated remote attacker code execution as root on the affected host. Upstream OpenSSH 8.5p1 through 9.7p1 are affected; the fix shipped in OpenSSH 9.8p1.

The CVE record is at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387; full technical details are in the Qualys Security Advisory.
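The following script is an added triage helper; it is not part of this bulletin and is not Trend Micro or TippingPoint code. It classifies SSH server identification strings against the upstream OpenSSH ranges affected by CVE-2024-6387 and includes a banner grabber for live hosts. The host names and banners in SAMPLE_INVENTORY are constructed for illustration. It only sees the version string, so a vendor build that backported the fix without bumping the version (which is how many distribution packages and appliance hotfixes are delivered) will still be reported as "in-affected-range"; treat that result as "confirm the patch level", not as "exploitable".

```python
"""Triage helper for CVE-2024-6387 (regreSSHion): classify OpenSSH banners.

Added example, not part of the Trend Micro bulletin. Encodes the upstream
affected version ranges and flags hosts for follow-up. It cannot detect a
backported fix that leaves the version string unchanged.
"""
import re
import socket
from typing import Dict, Optional, Tuple

# Upstream OpenSSH ranges affected by CVE-2024-6387:
#   - 8.5p1 up to, but not including, 9.8p1 (regression reintroduced in
#     8.5p1, fixed in 9.8p1)
#   - anything before 4.4p1 (the original CVE-2006-5051 bug) unless that
#     older CVE was patched
# Releases from 4.4p1 up to 8.5p1 are not affected.
AFFECTED_RANGES = [((8, 5), (9, 8)), ((0, 0), (4, 4))]

# Matches "OpenSSH_9.6p1", "OpenSSH_7.4" etc. inside the identification string.
BANNER_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")

IN_RANGE = "in-affected-range"
OUT_OF_RANGE = "outside-affected-range"
UNKNOWN = "unknown"


def parse_openssh_version(banner: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) from an SSH identification string, or None
    if the banner does not identify an OpenSSH server."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def classify(banner: str) -> str:
    """Classify one banner against AFFECTED_RANGES."""
    version = parse_openssh_version(banner)
    if version is None:
        return UNKNOWN  # not OpenSSH (e.g. dropbear); needs manual review
    for low, high in AFFECTED_RANGES:
        if low <= version < high:
            return IN_RANGE
    return OUT_OF_RANGE


def grab_banner(host: str, port: int = 22, timeout: float = 5.0) -> str:
    """Read the server identification line (RFC 4253 section 4.2).
    The server sends it first, so no client data is needed. The line is at
    most 255 bytes including CRLF, so reading stops there at the latest."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        data = b""
        while not data.endswith(b"\n") and len(data) < 255:
            chunk = s.recv(255 - len(data))
            if not chunk:
                break
            data += chunk
    return data.decode("ascii", errors="replace").strip()


# Constructed sample inventory (hypothetical hosts and banners), not real data.
SAMPLE_INVENTORY: Dict[str, str] = {
    "sms-lab-01": "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.4",
    "sms-lab-02": "SSH-2.0-OpenSSH_9.8p1",
    "jumphost": "SSH-2.0-OpenSSH_7.4",
    "oob-console": "SSH-2.0-dropbear_2022.83",
}


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> classification for banners already collected."""
    return {host: classify(banner) for host, banner in inventory.items()}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

To check a live host, call `grab_banner(host)` and pass the result to `classify`. Hosts reported as "in-affected-range" should be reconciled against the vendor's fix list (for the SMS, the patch and hotfix table in this bulletin) rather than re-scanned; hosts reported as "unknown" run something other than OpenSSH and need a separate review.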
TippingPoint Product Impact:

  Product                      Software Version         Impact
  SMS (virtual, standard, XL)  All supported versions   Impacted
  TX (all models)              All supported versions   Not Impacted
  TXE (all models)             All supported versions   Not Impacted
  440T/2200T                   All supported versions   Not Impacted
TippingPoint SMS Mitigation Options:

Limit / Restrict Network Access: Place the SMS on a dedicated management network with access controls that allow inbound TCP/22 only from authorized management hosts.

Temporarily Disable Access via SSH: This prevents CLI access via SSH by disabling inbound TCP/22 on the SMS server. The CLI remains available through the serial console or a directly attached keyboard and monitor.

NOTE: SSH access can be disabled via the SMS Java client under Admin > Server Properties. These options reduce exposure only; re-enable SSH after the fix for your SMS version has been installed.

Resolution:

Trend Micro has released patches and hotfixes for all supported SMS versions impacted by this vulnerability, per the table below:

  Product                 Fix Version / Link to TMC
  SMS v6.3.0              SMS v6.3.0 Patch 1 / link
  SMS v6.2.0              SMS v6.2.0 Patch 2 / link
  SMS v6.1.0 Patch 1      SMS v6.1.0 Hot Fix 206159 / link
  SMS v6.0.0              SMS v6.0.0 Hot Fix 205662 / link
  SMS v5.5.4 Patch 1      SMS v5.5.4 Hot Fix 205331 / link

Note: SMS v6.1.0 and SMS v5.5.4 must have their associated patch (v6.1.0 Patch 1 and v5.5.4 Patch 1, respectively) installed before installing the hotfix.