Symptom
This bug has been filed to evaluate the product Identity Services Engine (ISE) against the vulnerability in the OpenSSH server disclosed on July 1st, 2024:
CVE-2024-6387 - Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion)
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024
Conditions
ISE 2.X and 3.0 are not impacted.
ISE 3.1 P1, P2 and P3 are not impacted.
ISE 3.1 P4 and later patches are vulnerable.
ISE 3.2 is vulnerable.
ISE 3.3 is vulnerable.
Workaround
-- A hotpatch for 3.1 is now available at https://software.cisco.com/download/home/283801620/type/283802505/release/HP-3.1-CSCwk61938
-- A hotpatch for 3.2 is now available at https://software.cisco.com/download/home/283801620/type/283802505/release/HP-3.2-CSCwk61938
-- A fix for 3.3 is available in patch 3, now available at https://software.cisco.com/download/home/283801620/type/283802505/release/3.3%20Patch%203
NOTE: Cisco uses a customized library for SSH. The fix for this vulnerability is implemented in CiscoSSH 1.13.48 (based on OpenSSH 9.1).
Further Problem Description
Additional details about the vulnerability listed above can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS score as of the time of evaluation is 8.1:
https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html